A company pays the ransomware ransom and makes another mistake
In a ransomware attack, cybercriminals infect a computer or computer network and encrypt all of its content. This makes it impossible to log into the computer or open the files it contains. This is a very serious problem, since it could completely paralyze an organization.
To regain control of that computer or system, the victim must make a payment. The cybercriminal then decrypts the content and it becomes available again. However, measures must be taken not only to avoid this problem in the first place, but also to avoid falling victim a second time. That is what appears to have happened to one company.
What exactly happened? The company has not been named, but according to the United Kingdom’s National Cyber Security Centre it had to pay millions in bitcoins to restore its network and regain control of its equipment.
The point is, they didn’t do anything else. They took no action to analyze why the attack had occurred, or whether they had any uncorrected vulnerabilities or other flaws that had allowed the hackers to get in.
As a result, only two weeks later they suffered a new ransomware attack, perpetrated by the same group of cybercriminals. Not only were they victims of one attack, but they made the same mistake again just days later. Once again, the company paid the ransom.
The UK’s National Cyber Security Centre made this case public as a warning to home users and businesses. Victims who decide to pay the ransom still need to find out what the problem was and correct it as soon as possible.
A back door, possible cause of the attack
Computer security researchers indicate that this double attack was possibly due to a back door. The criminals had access to the network through an uncorrected bug and were therefore able to gain access again.
Therefore, it is always essential to fix any vulnerabilities there may be. It is necessary to install all the updates for our systems and devices. Faults often arise that should be corrected as soon as possible.
But beyond this, it is also essential to examine the network after suffering an attack to determine the route of entry. We may have a connected device that has a vulnerability, and it is important to correct it. It is also important to protect your computer from ransomware that arrives by email or any other method.
In short, we must always protect our computers to avoid being victims of ransomware. In addition, after malware gets in or an attack succeeds, we must check what the failure could have been. The objective is that it does not happen again.