Calculating The Ransom Demand On The Victim’s Insurance

Uploaded on 2023-03-01 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Financial

In an innovative move, the ransomware group HardBit has offered to set ransom its demands based on the victims’ cyber insurance coverage.  Organisations that have been targeted by HardBit's ransomware typically have their files encrypted. 

HardBit 2.0 says it steals files from compromised networks, encrypts the data it leaves behind, and demands a crypto currency ransom be paid, with the threat that company confidential data will be released online.

It is likely that the organisation’s main motivation is to steal victim’s data, however, security researchers have not identified a live website where the group leaks data and names their targets. Additionally, security researchers state that the group does not specify a ransom price in the notes it drops on compromised systems. Instead, the company is told to contact the hackers via email or an instant messaging platform hosted on the deep web browser, Tor.

When a victim has cyber insurance, the hackers ask them to provide details so they can set the ransom amount accordingly. HardBit say they do not want to demand more than what the victim can recover from the insurance company, but they also don’t want to be offered a low amount by the insurer’s representatives.

HardBit’s ransom demand even goes as far to say that sharing the insurance details is beneficial and insurers stand in the way of data recovery.

However, the cyber criminals behind HardBit warn that if payment is not made victims will not only never have access to their files again, but are warned that their company will be attacked again in the future. Furthermore, if payment or negotiations have not begun within 48 hours, HardBit warns that the ransom will be doubled.

The ransom message left behind on compromised systems does not specify how much the victim has to pay to recover its files. Instead, the targeted company is instructed to contact the hackers through email or the Tox instant messaging platform. However, the note does contain some important information about paying the ransom, specifically for victims that have a cyber insurance policy covering ransomware attacks

To fight ransomware attacks, it's important to report them to law enforcement and make sure you have offsite backups in place so you can easily recover your files.

To protect your systems from similar incidents in the future, always be cautious when opening unsolicited emails and attachments, and avoid visiting potentially malicious websites. Keep your security software updated as well so it can properly detect and remove malware.

Varonis:     NeoWin:      Tripwire:     Security Week:      Oodaloop:     NetSec News

You Might Also Read:

Crackdown On Ransomware Criminals:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Hackers Have Stolen GoDaddy's Source Code
An Apocalyptic Cyber Event »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CDNetworks

CDNetworks

CDNetworks is a global content delivery network with a fully integrated cloud security solution, offering unparalleled speed, security and reliability for the almost instant delivery of web content.

Cryptomathic

Cryptomathic

Cryptomathic is an expert on commercial crypto - we develop, deliver and support the most secure and efficient off-the-shelf and customised solutions.

Secure-NOK

Secure-NOK

Secure-NOK provides products and solutions that detect and remove security attacks and harmful events in industrial networks and control systems.

Data Recovery Services (DRS)

Data Recovery Services (DRS)

DRS provides data recovery services from media including hard disk drives, RAID, solid state disks SSD, memory sticks, USB drives, SD cards, tapes and mobile phones.

California Cybersecurity Institute (CCI) - Cal poly

California Cybersecurity Institute (CCI) - Cal poly

The CCI provides a hands-on research and learning environment to explore new cyber technologies and train and test tactics alongside law enforcement and cyberforensics experts.

Devel Group

Devel Group

Devel are a LATAM cybersecurity company specialized in providing services in the financial and enterprise sector.

ConvergeOne

ConvergeOne

ConvergeOne is a leading global IT services provider of collaboration and technology solutions including cybersecurity.

Japan Cybersecurity Innovation Committee (JCIC)

Japan Cybersecurity Innovation Committee (JCIC)

JCIC is an independent and not-for-profit thinktank to establish a secure and safe digital society.

United Network Technologies

United Network Technologies

United Network Technologies is a leading Managed Services Provider, distributor and developer of specialised cyber security components and technologies.

Pires Investments

Pires Investments

Pires is building an investment portfolio of high-tech businesses across areas such as Artificial Intelligence, Internet of Things, Cyber Security and Augmented/Virtual Reality.

C3.ai Digital Transformation Institute

C3.ai Digital Transformation Institute

The C3.ai Digital Transformation Institute is a research consortium dedicated to accelerating the benefits of artificial intelligence for business, government, and society.

Easy Dynamics

Easy Dynamics

Easy Dynamics is a leading technology services provider with a core focus in Cybersecurity, Cloud Computing, and Information Sharing.

Tech Seven Partners

Tech Seven Partners

At TechSeven Partners, we provide a full suite of cyber security solutions for your business including network monitoring, onsite and cloud backup solutions, HIPAA or PCI compliance.

ASPIA InfoTech

ASPIA InfoTech

ASPIA Infotech is a leading Information and cybersecurity organization focused on innovative approaches to avert targeted attacks.

Camelot Secure

Camelot Secure

Camelot Secure Secure360 platform is a holistic redefinition of what world-class cybersecurity strategies can be. Prepare. Protect. Deploy.

TeKnowledge

TeKnowledge

TeKnowledge enables governments and enterprises around the world to navigate the challenges with digital transformation today and tomorrow with elite cybersecurity protection and managed services.