South Korean Company Surrenders $1 Million To Ransomware

A South Korea-based web hosting firm has fallen victim to ransomware. That’s not unusual in today’s cybersecurity climate, but what is unusual is how much the company is paying to regain control of its systems: $1 million.

Reports Tuesday (June 20) said Nayana was hit by a ransomware attack on June 10. The attack held 153 of the company’s servers under control, with the ransomware encrypting the servers and attackers refusing to release them unless the ransom was paid. According to reports, Nayana had hoped cybersecurity experts would be able to re-obtain the servers.

The company was reportedly negotiating with the cyberthieves, who had originally demanded bitcoin to the equivalent of about $5 million. Simultaneously, Nayana, which was posting updates about the situation on the company website, said it had attempted to restore its systems via customer backups, but those were also encrypted by ransomeware.

“We tried to recover the backed up data,” the company said the day after the attack. “But we found that both the internal backup … and the external backup were infected with ransomware, and all were encrypted.”

Nayana agreed to pay 397.6 bitcoins in total, worth about $1 million, reports said.

“We will do our best to make every service normalized as soon as possible,” said Nayana CEO Hwang Chilghong in a statement. “We will improve the security of the vulnerable areas with government agencies as much as possible.”

Reports said the company has taken out loans to cover the $1-million ransom, which is among the highest that experts have seen.

“This is the largest *paid* ransom I’ve seen to date,”said cybersecurity consultant Jake Williams in a post on Twitter. “Deinitely a game changer as ransomware goes more corporate.”