{"id":53930,"date":"2020-01-30T10:20:48","date_gmt":"2020-01-30T15:20:48","guid":{"rendered":"http:\/\/mileniostadium.com\/?p=53930"},"modified":"2020-01-30T10:20:48","modified_gmt":"2020-01-30T15:20:48","slug":"hackers-were-paid-ransom-after-attack-on-canadian-insurance-firm-court-documents-reveal","status":"publish","type":"post","link":"https:\/\/mileniostadium.com\/canada\/hackers-were-paid-ransom-after-attack-on-canadian-insurance-firm-court-documents-reveal\/","title":{"rendered":"Hackers were paid ransom after attack on Canadian insurance firm, court documents reveal"},"content":{"rendered":"
A Canadian insurance company suffered a ransomware attack last fall that saw 1,000 of its computers infected, raising questions about what sensitive data may have been accessed by hackers and whether the firm disclosed the breach to its customers. The case has only now come to light because of recent court filings in Britain.<\/p>\n
The unnamed firm had itself purchased coverage in case of a cyberattack. The company’s U.K.-based reinsurer paid $950,000 US to unlock the hijacked files and is now fighting to get the money back from criminals, according to court documents stemming from a hearing held in private.<\/p>\n “A hacker managed to infiltrate and bypass the firewall of [the Canadian company]\u00a0and installed malware called BitPaymer,” reads a Dec. 13\u00a0ruling<\/u>\u00a0from England’s High Court in London. The document was published Jan. 17 and the case was first reported by the\u00a0New Money Review<\/u>.<\/p>\n The ruling simply refers to the Canadian firm as “the Insured Customer.” Its reinsurer also goes unnamed, having asked the court for anonymity. The case does not appear related to Andrew Agencies, a Manitoba-based insurance brokerage which recently acknowledged it had\u00a0fallen victim<\/u>\u00a0to a separate ransomware incident.<\/p>\n The attack on the unnamed Canadian firm became apparent on Oct. 10, 2019,\u00a0when computers began locking up and displaying a ransom note \u2014 a typical occurrence during such incidents.<\/p>\n “Your network was hacked and encrypted,” the message read, demanding a payment to release the machines and warning “no free decryption software is available on the web.” The cybercriminals threatened to encrypt the company’s files permanently if the episode were disclosed to the public, according to the court ruling.<\/p>\n The British reinsurer ultimately paid the hackers a $950,000 US ransom \u2014 negotiated down from an initial demand of $1.2 million \u2014 in the digital currency bitcoin. The Canadian company was then supplied with a digital decryption tool. It worked, but it took time.<\/p>\n “The information before me is that it took decryption of 20 servers of the Insured Customer five days and 10 business days for 1,000 desktop computers,” Justice Simon Bryan wrote.<\/p>\n