The £1,000,000 ransomware demand that wasn’t

Graham Cluley @gcluley

Several folks in the computer security industry raised their eyebrows when reading recent reports that a UK council had been hit hard by ransomware, taking regular services offline.

Staff were forced to resort to pen and paper, make lots of phone calls, and even the local libraries were disrupted.

Lincolnshire library notice

The news that an organisation had been hit by malware that encrypted data files, and demands that payment be made for their recovery isn’t unusual of course. But the surprising headline that started to spread across the internet was that the malicious hackers were attempting to extort a million quid from Lincolnshire County Council.

Email Sign up to our newsletterSign up to Graham Cluley’s newsletter - "GCHQ"
Security news, advice, and tips.

For instance, both an online news story and video report from the BBC asserted that the attackers had demanded a £1 million ransom be paid for the safe restoration of the council’s files.

Bbc news report

Frankly, that figure always sounded highly unlikely.

Think about it. The reason hackers hit computers with ransomware is to make money. As Bob Covello recently pointed out, if hackers ask for too much money no-one is likely to pay – and hopefully more and more people and organisations will recognise the value in investing in layered security and backups of their essential data.

£1 million? Few organisations have that kind of money kicking around to give to a bunch of hackers. The hackers know this, and that’s why they’re much more likely to ask for a few hundred pounds worth of Bitcoin.

Sure enough, an update from BBC News reports that the earlier claim of a £1 million ransom demand has now been revised to… umm… a mere £350.

To their credit, Lincolnshire County Council says it will not be paying their attackers anything, even at that less eye-watering price.

Which is a good thing. As past victims of online extortion have discovered, paying the bad guys is not worth it.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.