Ransomware is a type of malicious software that locks computer systems or data and often demands a ransom to unlock it. This scary face of malware targets computer systems and data. So, digital criminals use this malware to sell their victims the key to unlocking locked doors. Now that we have briefly mentioned ransomware, let’s take a look at the story of Citycomp, one of these attacks.
Ransomware
In an age where the digital world changes in the blink of an eye, cyber attackers are constantly looking for new ways to keep up. The cyber attack story of Citycomp company reveals how close this danger comes. Hackers who crossed the digital walls took the data of major companies around the world hostage. This incident highlights the challenges facing businesses by revealing the dangers of ransomware.
What is Ransomware and How Does It Work?
Now, we’ll take a look inside this dark world, examining how ransomware attacks work and how companies are trying to deal with these modern hackers. Cyber attacks continue to cause companies millions of dollars in losses. One of these attacks targeted the company Citycomp. Hackers carried out a cyber attack on Citycomp, which provides internet infrastructure services to world-famous companies, and seized the data of these companies. Michael Bartsch from Deutor Cyber Security confirmed that Citycomp was hacked and that attacks will continue if the ransom demand is not responded to.
A website created to distribute company data was discovered. The website allegedly hosts 312,570 files in 51,025 folders and over 516GB of financial and private data belonging to all customers. It is thought that the exposed data may belong to the German offices of the mentioned companies. Relevant companies were also informed about the issue. The created website is open to the public. Anyone can easily download any data they want from the site. While there are 2 or 3 files for some companies on the site, there are hundreds of files for some companies.
The website where the data is located contains an e-mail address so that hackers can be contacted. In the meeting held through this communication network, $5,000 was requested from Citycomp. One of the hackers contacted is the ‘Boris Bullet-Dodger’. He stated that they have been in the system for more than 1 month and that they specifically targeted Citycomp. The reason why Citycomp is especially targeted is that it has major security vulnerabilities.
Bartsch stated that Citycomp investigated the attack instead of paying the requested ransom. Financial data of the companies in question still appear to be publicly available on the internet.
Resource:
Joseph Cox (2019). Hackers Steal and Ransom Financial Data Related to Some of the World’s Largest Companies