Skip to main content

Ransomware Infects Hosting Company; Decryption Costs A Million Dollars

By July 6, 2017May 24th, 2021Cybersecurity

A South Korean web hosting company called NAYANA has been the victim of what appears to be one of the largest, if not the largest ransomware attacks in the history of the internet.

According to the digital security firm Trend Micro, the ransomware used in the attack is called Erebus, and successfully infected all of the company’s servers, encrypting the website data of every site the company hosted. With no way to get the data back for their extensive user base, the company agreed to pay 397.6 bitcoins ($1.01 million USD) to get the decryption keys.

The initial demand made by the hackers was for 550 bitcoins, so the company was able to negotiate a substantially lower ransom, and they got the hackers to agree to let the company pay in three installments with each payment unlocking one third of the company’s files. So far, two of the three payments have been made, and the third is pending.

While notable for the sheer size of the payment, this latest attack underscores the danger of ransomware in general, and the mayhem it can cause.

It also underscores the need for better education and awareness, because overwhelmingly, ransomware infects a company via some flavor of phishing attack, which sees the hacker emailing company representatives with a note that contains a poisoned link or file.

If the users never click on or download these, then no infection occurs.

This drives home the point that no matter how advanced and robust your digital security system is, it’s only as good and as effective as your employees. If they are apathetic about matters of data security or simply unaware of the dangers clicking on untrusted links and files pose, then no amount of software is going to prevent tragedies like this from happening to your company.

An educated workforce is your best means of prevention, backed up by robust software, of course.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.