Mexican oil company Pemex was hit with a ransomware attack, and the hackers are demanding a US$5 million Bitcoin ransom.
The scourge of ransomware is increasing. Attacks against governments and small businesses have risen by 365% in 2019, according to Malwarebytes. The latest victim of a ransomware attack is Pemex, the state oil company of Mexico that was targeted last Sunday. The hackers have demanded that the company pony up a Bitcoin ransom of $5 million to get their computers back online.
Type of Ransomware Unknown
The attack forced the oil company to shut off computers across Mexico, and one of the systems affected was payments. The hackers left a message that pointed to a site on the dark web that demanded a Bitcoin ransom of 565 bitcoins, which is roughly worth $5 million, and a payment deadline of 48 hours.
Reuters used the contact info provided by the hackers to communicate with them, and the hackers replied that Pemex had missed their opportunity for a discounted “special price” on the ransom by paying early. So far, Pemex has not paid the ransom.
The oil company says that only about 5% of their computers were affected and that said computers are being totally wiped. In the meantime, Pemex is reconnecting their unaffected computers to bring operations back to normal. The company stresses that oil production was not impacted by the ransomware attack. It seems that the finance department was the hardest hit as a person with the company says all of their computers are off. An interesting facet of the company’s response is the use of WhatsApp to communicate with employees due to the fact that employees could not open their emails.
The actual type of ransomware is not known. The website the hackers pointed to is reportedly associated with the DoppelPaymer malware. An official with Pemex said in an internal email that the Ryuk malware was used in the attack, but that particular form of ransomware is normally associated with attacks on companies that generate between $500 million to $1 billion in revenue. Pemex had a total of $82.6 billion in gross revenue in 2018 and registered a net loss of $7.558 billion.
Costs of Ransomware
Whether a government or business pays a Bitcoin ransom, there is always a cost associated with a ransomware attack. Pemex has not paid the hackers their demand of $5 million in bitcoins, but the company says the attack is costing them $71 million to clean up their systems.
The city of Atlanta refused to pay a $52,000 ransom demand after a ransomware attack last year. The city has since spent $17 million to recover. Baltimore was hit in May 2019, and the city chose not to pay the ransom demand of $76,000. Estimates for the cleanup costs for Baltimore are at $18 million.
Some victims choose to pay their attackers. The city of Riviera Beach in Florida decided to pay the $600,000 demanded by the hackers in order to get their files back. NEO Urology, a healthcare company in Colorado, paid a ransom of $75,000 to get their systems unlocked. Another Colorado-based healthcare company, Estes Park Health, got its systems back online after their insurance company paid off the Bitcoin ransom.
The sad reality is that ransomware attacks are going to continue. The ease of being able to attack a business or city government from anywhere in the world, along with the potential payout, ensures that ransomware is not going anywhere any time soon.
Images courtesy of Reuters and Pixabay.