Calculating The Ransom Demand On The Victim’s Insurance

In an innovative move, the ransomware group HardBit has offered to set ransom its demands based on the victims’ cyber insurance coverage.  Organisations that have been targeted by HardBit's ransomware typically have their files encrypted. 

HardBit 2.0 says it steals files from compromised networks, encrypts the data it leaves behind, and demands a crypto currency ransom be paid, with the threat that company confidential data will be released online.

It is likely that the organisation’s main motivation is to steal victim’s data, however, security researchers have not identified a live website where the group leaks data and names their targets. Additionally, security researchers state that the group does not specify a ransom price in the notes it drops on compromised systems. Instead, the company is told to contact the hackers via email or an instant messaging platform hosted on the deep web browser, Tor.

When a victim has cyber insurance, the hackers ask them to provide details so they can set the ransom amount accordingly. HardBit say they do not want to demand more than what the victim can recover from the insurance company, but they also don’t want to be offered a low amount by the insurer’s representatives.

HardBit’s ransom demand even goes as far to say that sharing the insurance details is beneficial and insurers stand in the way of data recovery.

However, the cyber criminals behind HardBit warn that if payment is not made victims will not only never have access to their files again, but are warned that their company will be attacked again in the future. Furthermore, if payment or negotiations have not begun within 48 hours, HardBit warns that the ransom will be doubled.

The ransom message left behind on compromised systems does not specify how much the victim has to pay to recover its files. Instead, the targeted company is instructed to contact the hackers through email or the Tox instant messaging platform. However, the note does contain some important information about paying the ransom, specifically for victims that have a cyber insurance policy covering ransomware attacks

To fight ransomware attacks, it's important to report them to law enforcement and make sure you have offsite backups in place so you can easily recover your files.

To protect your systems from similar incidents in the future, always be cautious when opening unsolicited emails and attachments, and avoid visiting potentially malicious websites. Keep your security software updated as well so it can properly detect and remove malware.

Varonis:     NeoWin:      Tripwire:     Security Week:      Oodaloop:     NetSec News

You Might Also Read:

Crackdown On Ransomware Criminals:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Hackers Have Stolen GoDaddy's Source Code
An Apocalyptic Cyber Event »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

SABSACourses

SABSACourses

SABSA is a development process used for solving complex problems such as IT Operations, Risk Management, Compliance & Audit functions.

IX Associates

IX Associates

IX Associates is a UK based IT Integration business specialising in risk, compliance, eDefence, and network security solutions.

QA Systems

QA Systems

QA Systems provides software testing solutions for safety and business critical sectors and software safety and security standards.

Copper Horse Solutions

Copper Horse Solutions

Copper Horse specialises in mobile and IoT security, engineering solutions throughout the product lifecycle from requirements to product security investigations.

VisionWare

VisionWare

VisionWare provide consulting services and solutions in areas covering both physical and digital security.

Fujitsu

Fujitsu

Fujitsu is the leading Japanese global information and communication technology company, offering a full range of products, solutions and services including Managed IT Services and Cyber Security.

Sopher Networks

Sopher Networks

Sopher is a secure communication and collaboration platform for business and personal use.

Verodin

Verodin

Verodin is a business platform that provides organizations with the evidence needed to measure, manage and improve their cybersecurity effectiveness.

Crosspring

Crosspring

Crosspring is an incubator/accelerator for people who have the ambition to start a successful business or want to extend their existing business in the areas of FinTech, AR, VR, Cybersecurity and SaaS

Security Alliance

Security Alliance

Security Alliance provide bespoke cyber intelligence consulting and research services.

Kasm Technologies

Kasm Technologies

Kasm Browser Isolation - Protect your organization from malware, ransomware and phishing by using zero-trust containerized browsers.

Tetrad Digital Integrity (TDI)

Tetrad Digital Integrity (TDI)

TDI is a world-class consulting firm offering cybersecurity services to government agencies and commercial clients around the world.

Liberman Networks

Liberman Networks

Liberman Networks is an IT solutions provider company that provides security, management, monitoring, BDR and cloud solutions.

Nasuni

Nasuni

The Nasuni File Data Platform offers the protection, detection, and recovery of file shares from ransomware attacks or random disasters within minutes.

Applied Insight

Applied Insight

Applied Insight work closely with government agencies and industry to overcome technical and cultural hurdles to innovation, empowering them with the latest cloud, data and cyber capabilities.

CyberNut

CyberNut

CyberNut are a security awareness training solution built exclusively for schools.

Xmore AI

Xmore AI

Xmore AI, an emerging disruptor in our incubation, is building AI models to optimize and secure IT with the mission of increasing efficiency and reducing costs.