A Danish news agency has said it refuses to pay hackers in the aftermath of a ransomware attack that saw Denmark’s largest news agency shut down its servers after being targeted.
Last week, Denmark’s largest news agency Ritzau announced that it was hit by a ransomware attack, with its CEO saying that the company was “the target of a hacker attack early this morning. It appears to be a professional attack.”
The company was forced to “shut down all our servers because we were unsure how much damage the attack could cause,” CEO Lars Westerloekke said in reference to the attack that saw malicious software take control of the agency’s sensitive files and data.
In the immediate aftermath of the attack, Ritzau said it was forced to send out news updates via an emergency email system, after having locked down a number of its vital systems to mitigate the damage of the ransomware attack.
This malicious software, once implanted in an organisation’s system, is able to identify files and encrypt them – essentially locking them up until a ransom is paid, usually in the form of bitcoin; hence the term, ransomware attack.
Now, we’ve got reports that the news agency is refusing to pay the demands of the hackers after the ransomware attack, which hit around 25% of the agency’s total 100 servers with malicious software.
Sarah Coble is reporting that “the agency had no clear idea of how much the attackers were demanding in return for the restoration of Ritzau’s encrypted files. Vesterloekke said that the agency had been instructed by its advisors not to open ‘a file with a message’ left behind by whoever was responsible for the ‘professional attack.’”
The company’s CEO essentially confirmed that the news agency has no intention of opening up the document with their list of demands. This means that Ritzau has made it clear to hackers that it refuses to pay to have their systems restored after the ransomware attack.
Click here for your Free ISO 27001 Gap Analysis Checklist
According to the FBI’s official Scams and Safety page, “the FBI does not support paying a ransom in response to a ransomware attack. Paying a ransom doesn’t guarantee you or your organisation will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.”
Ritzau is Denmark’s largest and oldest news agency, founded in 1866 and based in Copenhagen. The company has enlisted the help of forensic information security experts to investigate the ransomware attack.
The company has said in a statement that “Ritzau’s web services with distribution of news to media customers is now up and online again… the web service is in its first version without images and other associated formats.”
“As soon as there is a known time horizon for when the news app will be up again, we will announce it,’ the company added. “All resources are still being put into getting the systems back in operation, and we very much regret the inconvenience that the hacker attack has caused our customers due to lack of distribution and deliveries.”
