The £1,000,000 ransomware demand that wasn’t

Graham Cluley

The £1,000,000 ransomware demand that wasn't

Several folks in the computer security industry raised their eyebrows when reading recent reports that a UK council had been hit hard by ransomware, taking regular services offline.

Staff were forced to resort to pen and paper, make lots of phone calls, and even the local libraries were disrupted.

Lincolnshire library notice

The news that an organisation had been hit by malware that encrypted data files, and demands that payment be made for their recovery isn’t unusual of course. But the surprising headline that started to spread across the internet was that the malicious hackers were attempting to extort a million quid from Lincolnshire County Council.

For instance, both an online news story and video report from the BBC asserted that the attackers had demanded a £1 million ransom be paid for the safe restoration of the council’s files.

Bbc news report

Frankly, that figure always sounded highly unlikely.

Think about it. The reason hackers hit computers with ransomware is to make money. As Bob Covello recently pointed out, if hackers ask for too much money no-one is likely to pay – and hopefully more and more people and organisations will recognise the value in investing in layered security and backups of their essential data.

£1 million? Few organisations have that kind of money kicking around to give to a bunch of hackers. The hackers know this, and that’s why they’re much more likely to ask for a few hundred pounds worth of Bitcoin.

Sure enough, an update from BBC News reports that the earlier claim of a £1 million ransom demand has now been revised to… umm… a mere £350.

To their credit, Lincolnshire County Council says it will not be paying their attackers anything, even at that less eye-watering price.

Which is a good thing. As past victims of online extortion have discovered, paying the bad guys is not worth it.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET EMAIL UPDATES