Several folks in the computer security industry raised their eyebrows when reading recent reports that a UK council had been hit hard by ransomware, taking regular services offline.
Staff were forced to resort to pen and paper, make lots of phone calls, and even the local libraries were disrupted.
Libraries are open as usual but please be aware that the computers are currently unavailable due to a malware attack
— Lincolnshire County Council (@LincolnshireCC) January 27, 2016
The news that an organisation had been hit by malware that encrypted data files, and demands that payment be made for their recovery isn’t unusual of course. But the surprising headline that started to spread across the internet was that the malicious hackers were attempting to extort a million quid from Lincolnshire County Council.
For instance, both an online news story and video report from the BBC asserted that the attackers had demanded a £1 million ransom be paid for the safe restoration of the council’s files.
Frankly, that figure always sounded highly unlikely.
Think about it. The reason hackers hit computers with ransomware is to make money. As Bob Covello recently pointed out, if hackers ask for too much money no-one is likely to pay – and hopefully more and more people and organisations will recognise the value in investing in layered security and backups of their essential data.
£1 million? Few organisations have that kind of money kicking around to give to a bunch of hackers. The hackers know this, and that’s why they’re much more likely to ask for a few hundred pounds worth of Bitcoin.
Sure enough, an update from BBC News reports that the earlier claim of a £1 million ransom demand has now been revised to… umm… a mere £350.
To their credit, Lincolnshire County Council says it will not be paying their attackers anything, even at that less eye-watering price.
Which is a good thing. As past victims of online extortion have discovered, paying the bad guys is not worth it.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.