Hackers tell Lion to pay hefty ransom
Trans-Tasman brewer Lion appears to have received a US$800,000 (NZ$1.25m) ransomware demand from extortionists who infected its IT systems.
Stuff is aware of evidence of a ransomware demand being made via “dark web” service Tor by extortionist group REvil that instructed Lion to make payment using a cryptocurrency called Monero.
Lion has been approached for comment.
The demand came as calls grew for the Government to attempt to break the “vicious cycle” of ransomware by making it illegal to pay or facilitate the payment of such ransoms.
Lion said on Tuesday that it had made good progress in bringing its systems back online safely.
“However, there is still some way to go before we can resume our normal manufacturing operations and customer service,” it said.
Lion is one of several big businesses that have fallen victim to ransomware attacks in recent weeks.
Auckland-based whiteware manufacturer Fisher & Paykel Appliances has had its manufacturing and distribution systems disrupted after being compromised by an attack from a separate group of hackers, called Nefilim.
Security expert Brett Callow of New Zealand-based IT security firm Emsisoft said REvil was notorious for demanding very large ransoms.
In May, REvil reportedly demanded a US$42m ransom from a New York law firm, threatening to release sensitive files on the company’s celebrity clients who include Lady Gaga.
Callow backed calls for the Government to make it illegal to pay, or facilitate the payment of, ransomware demands.
“The only way to stop ransomware attacks is to make them unprofitable and that means companies must stop paying ransoms,” he said.
“The alternative is that the groups become ever-better resourced and have more money to invest to ramp up their operations and sophistication and that means more victims and ransoms paid – it’s a vicious circle.”
He believed making it illegal to pay or assist in the payment of ransoms would help.
“In lots of countries, including the US, the payment of ‘human’ ransoms is illegal but there is no restriction at all on the payment of ‘data ransoms’.”
Ransomware extortionists were “literally making billions” and operating with almost complete impunity, he said.
“The conviction rate for cybercrime is only about 0.5 per cent.”