Calculating The Ransom Demand On The Victim’s Insurance

Uploaded on 2023-03-01 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Financial

In an innovative move, the ransomware group HardBit has offered to set ransom its demands based on the victims’ cyber insurance coverage.  Organisations that have been targeted by HardBit's ransomware typically have their files encrypted. 

HardBit 2.0 says it steals files from compromised networks, encrypts the data it leaves behind, and demands a crypto currency ransom be paid, with the threat that company confidential data will be released online.

It is likely that the organisation’s main motivation is to steal victim’s data, however, security researchers have not identified a live website where the group leaks data and names their targets. Additionally, security researchers state that the group does not specify a ransom price in the notes it drops on compromised systems. Instead, the company is told to contact the hackers via email or an instant messaging platform hosted on the deep web browser, Tor.

When a victim has cyber insurance, the hackers ask them to provide details so they can set the ransom amount accordingly. HardBit say they do not want to demand more than what the victim can recover from the insurance company, but they also don’t want to be offered a low amount by the insurer’s representatives.

HardBit’s ransom demand even goes as far to say that sharing the insurance details is beneficial and insurers stand in the way of data recovery.

However, the cyber criminals behind HardBit warn that if payment is not made victims will not only never have access to their files again, but are warned that their company will be attacked again in the future. Furthermore, if payment or negotiations have not begun within 48 hours, HardBit warns that the ransom will be doubled.

The ransom message left behind on compromised systems does not specify how much the victim has to pay to recover its files. Instead, the targeted company is instructed to contact the hackers through email or the Tox instant messaging platform. However, the note does contain some important information about paying the ransom, specifically for victims that have a cyber insurance policy covering ransomware attacks

To fight ransomware attacks, it's important to report them to law enforcement and make sure you have offsite backups in place so you can easily recover your files.

To protect your systems from similar incidents in the future, always be cautious when opening unsolicited emails and attachments, and avoid visiting potentially malicious websites. Keep your security software updated as well so it can properly detect and remove malware.

Varonis:     NeoWin:      Tripwire:     Security Week:      Oodaloop:     NetSec News

You Might Also Read:

Crackdown On Ransomware Criminals:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Hackers Have Stolen GoDaddy's Source Code
An Apocalyptic Cyber Event »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

InformationWeek

InformationWeek

InformationWeek is the world's most trusted online community for business technology professionals like you.

CSIRT Malta

CSIRT Malta

CSIRT Malta supports critical infrastructure organisations in Malta on how to protect their information infrastructure assets and systems from cyber threats and incidents.

TechDefence Labs

TechDefence Labs

TechDefence Labs provide pentesting and security assessment services for networks, web apps, mobile apps and source code reviews.

Threat Intelligence

Threat Intelligence

Threat Intelligence is a specialist security company providing penetration testing, threat intelligence, incident response and training services.

Cyverse

Cyverse

Cyverse is a cyber-security firm which provides corporations with state-of-the-art cyber-security service-based and technological solutions made in Israel.

NetKnights

NetKnights

NetKnights is an independent IT security company which offers services and products for strong authentication, identity management and encryption.

Vivitec

Vivitec

Vivitec security services are tailored for your business, industry, risk, technology, and size to ensure great protection and planned response for the inevitable cyber-attacks on your business.

Agio

Agio

Agio is a hybrid managed IT and cybersecurity provider servicing the financial services, health care and payments industries.

Hold Security

Hold Security

Hold Security works with companies of all sizes to provide unparalleled Threat Intelligence services that actually make a difference.

Peraton

Peraton

Peraton provides innovative solutions for the most sensitive and critical programs in government today, developed and executed by scientists, engineers, and other experts.

Xscale Accelerator

Xscale Accelerator

Xscale's vision is to create world-class startups out of India by transforming sales and providing access to global markets.

Atomic Data

Atomic Data

Atomic Data is an on-demand, always-on, pay-as-you-go expert extension of your enterprise IT team and infrastructure.

SGTech

SGTech

SGTech is the leading trade association for Singapore's tech industry, offering focused support and development to both strategic and emerging sectors in the industry.

Corona IT Solutions

Corona IT Solutions

At Corona IT Solutions, our team of specialists in networking, wireless and VoIP are dedicated to providing proactive monitoring and management of your IT systems.

Catalyst Campus For Technology & Innovation

Catalyst Campus For Technology & Innovation

Catalyst Campus is a collaborative ecosystem to create community, spark innovation and stimulate business growth.

Mindcore Technologies

Mindcore Technologies

Mindcore provide cyber security services, managed IT services and IT consulting services to businesses in NJ, FL, and throughout the United States.