Backup appliance firm pays out $2.6 million ransom to attackers

Backup appliance firm pays out $2.6 million ransom to attackers

The Conti ransomware gang has successfully managed to extort millions of dollars out of an organisation once again.

What’s notable on this occasion is that the Conti group’s corporate victim is ExaGrid, a backup company.

And according to reports, last month it shelled out $2.6 million worth of ransom in Bitcoin, after having had its systems encrypted and 800GB exfiltrated from its servers.

Sign up to our free newsletter.
Security news, advice, and tips.

ExaGrid is not just any old backup storage service company. No, the very first thing you see when you visit its website is a press release extolling the virtues of the “ransomware recovery solution” it launched last year:

The release of Software Version 6.0, which included a streamlined navigation experience, user interface improvements, security enhancements, and most notably, the Retention Time-Lock for Ransomware Recovery, making ExaGrid the only backup storage system on the market to offer a non-network-facing tier with immutable objects and delayed deletes for ransomware recovery solution.

Sounds like just the kind of product that might be handy to have in place before your company gets hit by… uh-oh.

The hackers claimed that they had stole financial and personal data related to ExaGrid’s customers and staff, including “commercial contracts, NDA forms, financial data, tax returns and source code.”

Ok, look. It’s very easily to smirk and giggle at a firm which tries to help prevent companies from falling foul of ransomware to itself be found to have coughed up a ransom.

But all we’ve really had underlined here is that ransomware attacks can pretty much impact any business. What organisations need to do is ensure they have taken the vital steps to reduce the chances of them becoming the next ransom victim, and had the foresight to ensure that they can recover with the minimum fuss and cost.

ExaGrid’s product may work very well – I have no reason to believe it doesn’t. But recovering from a secure backup is not the only consideration when deciding whether to pay a ransom or not.

For instances, many organisations may feel pushed into a corner by their extortionists if threatened with the release of stolen data into the hands of other criminals or the general public.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.