In June, South Korean hosting company Internet Nayana, Inc., was hit by a ransomware attack that took down its 153 Linux web servers — home to more than 5,000 customer websites. “I know that negotiations with hackers should not be done,” company CEO Hwang Chilghong said in a statement. “I would not negotiate with a hacker if it was the case that it ended in the damage of my own company alone. However, the scale of the damage was too great and too many people would suffer.”
The company wound up paying nearly 400 Bitcoin to get its data back, which at the time was more than US $1 million. That was just part of the total costs the company incurred. In addition to the time and money spent on the recovery, the company had to give discounts and refunds to affected customers. Not all data could be restored, and the company promised affected customers free hosting for life.
Nayana isn’t alone. Earlier this month, shipping giant Maersk says that a ransomware attack got into the company’s systems via an automatic accounting software update. The cyber attack affected users and applications in 500 locations, the company says. While no data was lost, the recovery and loss of revenues is estimated to cost Maersk between $200 and $300 million.