Two US data recovery firms offer help. ProPublica finds they paid ransoms and charged extra.
Renee Dudley and Jeff Kao for ProPublica - 5/16/2019
From 2015 to 2018, a strain of ransomware known as SamSam paralyzed computer networks across North America and the UK It caused more than $30 million in damage to at least 200 entities, including the cities of Atlanta and Newark, New Jersey, the Port of San Diego and Hollywood Presbyterian Medical Center in Los Angeles. It knocked out Atlanta’s online water service requests and billing systems, prompted the Colorado Department of Transportation to call in the National Guard, and delayed medical appointments and treatments for patients nationwide whose electronic records couldn’t be retrieved. In return for restoring access to the files, the cyberattackers collected at least $6 million in ransom.
“You just have 7 days to send us the BitCoin,” read the ransom demand to Newark. “After 7 days we will remove your private keys and it’s impossible to recover your files.”
Full Article.