The LockBit ransomware gang is threatening to release data on Wedneday stolen from CDW Corp., a major IT reseller and services provider in the U.S., Canada and the U.K..
The Register says it was told by a gang member that Lockbit made the decision because negotiations over the ransom fee broke down.
“As soon as the timer [on the Lockbit data leak site] runs out, you will be able to see all the information, the negotiations are over and are no longer in progress. We have refused the ridiculous amount offered,” The Register quotes the gang member saying.
LockBit listed CDW Corp. as one of its victims early last month.
It isn’t known how much data was stolen, or whether it includes personal information of employees and customers as well as corporate information.
IT World Canada has asked CDW Corp. for comment.
The issue of whether to pay a ransomware gang is complex for an organization. While many governments and law enforcement agencies around the world urge organizations not to pay, they also say it is a matter up to management — although in some countries it could be illegal. An organization’s decision will depend upon the sensitivity of the data stolen.
Another factor, however, is what the organization will get for shelling out. Paying is supposed to get the victim firm decryption keys to unscramble encrypted data. Sometimes those keys don’t work. Payment should also come with a promise from the gang to delete copies of the stolen data it holds. Whether that promise will be kept is a question.
According to a study by Cybereason, 80 per cent of organizations who paid a ransom demand were hit by ransomware a second time, with 68 per cent of respondents saying the second attack came less than a month later and threat actors demanded a higher ransom amount.
Experts repeatedly say organizations unprepared for a ransomware attack are the ones that are squeezed the most to pay.
Headquartered in Illinois, CDW generated net sales of US$22 billion in its last fiscal year. The company was incorporated in 1984, and soon after became Computer Discount Warehouse. By 1997 it had generated sales of over US$1 billion. In 2003, after buying the assets of Micro Warehouse, that firm’s Canadian business became CDW Canada. It entered the U.K. in 2014 after buying 35 per cent a leading British technology services and solutions company, completely taking it over a year later.
The post Ransomware gang threatens to release stolen CDW Corp. data first appeared on IT World Canada.