These firms promise high-tech ransomware solutions—but typically just pay hackers

Enlarge / Cryptolocker was one of the ransomware pioneers, bringing together file encryption and bitcoin payment. (credit: Christiaan Colen / Flickr) This story was originally published by ProPublica. It appears here under a Creative Commons license.


From 2015 to 2018, a strain of ransomware known as SamSam paralyzed computer networks across North America and the UK It caused more than $30 million in damage to at least 200 entities, including the cities of Atlanta and Newark, New Jersey, the Port of San Diego and Hollywood Presbyterian Medical Center in Los Angeles. It knocked out Atlanta’s online water service requests and billing systems, prompted the Colorado Department of Transportation to call in the National Guard, and delayed medical appointments and treatments for patients nationwide whose electronic records couldn’t be retrieved. In return for restoring access to the files, the cyberattackers collected at least $6 million in ransom.
“You just have 7 days to send us the BitCoin,” read the ransom demand to Newark. “After 7 days we will remove your private keys and it’s impossible to recover your files.”
Read 167 remaining paragraphs | Comments