US business travel company CWT pays $4.5 million in Bitcoin to hackers

One of the main reasons why Bitcoin is criticized globally is its use by criminal networks. Over the past decade, quite a few accidents and illegal activities that made international headlines involved Bitcoin and other cryptocurrencies. The thing is that digital currencies benefit from being extremely transparent and anonymous. Transactions do not identify anything but the unique ID which is not linked to any personal information on either side of the financial operation. Therefore, making financial transactions through Bitcoin during illegal activities is a simple and easy way out for many criminal authorities, groups and international networks.

The US-based global business travel management giant, CWT (previously also known as Carlson Wagonlit Travel) recently paid a whopping ransom of 414 Bitcoins (BTC), equivalent to roughly $4.5 million at the time of transaction. The transfer occurred on July 27th and was divided into two separate transactions. According to the Blockchain data, the amount was then immediately transferred to other accounts. Due to the characteristics of Bitcoin and Blockchain-based technology, it is impossible to identify the sides of the operation.

The hackers attacked the servers of the CWT, gaining access to highly sensitive information, including personal data of clients. They could access over 30,000 computers used by the company in different offices around the United States. Attackers used Ragnar Locker ransomware in order to get into the system and access the sensitive information. They initially asked for a $10 million ransom. However, after the CWT representatives announced significant losses during the pandemic, they accepted less than half of the initial demand.

The ransom negotiations were quite extensive and lengthy. The representatives of CWT and the group of hackers had a conversation about the amount and the way of payment through a publicly available chatroom. In other terms, anyone with access to the internet could join the chatroom and follow the negotiations between the attackers and the CWT. The hackers even asked for a bonus for recommending the ways of making CWT systems safer in the future. This would really come in handy for the company that had to pay such an outstanding amount.

As seen in some of the chat conversations between the hackers and the company, they were advised to update passwords monthly, have at least three system administrators in operation at any given time whilst regularly checking user privileges. After the payment, the hackers sent out the last message saying “it’s a pleasure to work with professionals”.

So was paying the ransom the only way out? In the recent years, we have witnessed a rapidly rising number of hackers asking for compensations after breaking into the systems of different institutions. Businesses are not the only ones affected by the alarming trend. The University of California at San Francisco School of Medicine paid a $1.14 million ransom after the hacker attack. The list is very long with more and more of the criminals using Bitcoin as an alternative, safer means of transaction. This is because of its anonymity. After the transaction is performed, chasing down the amount is practically impossible. On the other hand, when using more traditional means of financial transfers, the relevant authorities almost always find the hackers. Therefore, as of now, many experts say that paying a ransom is often a better idea than involving the police and starting an investigation.

Post fetched from this article