AGL 38.54 Increased By ▲ 0.97 (2.58%)
AIRLINK 129.50 Decreased By ▼ -3.00 (-2.26%)
BOP 5.61 Decreased By ▼ -0.03 (-0.53%)
CNERGY 3.86 Increased By ▲ 0.09 (2.39%)
DCL 8.73 Decreased By ▼ -0.14 (-1.58%)
DFML 41.76 Increased By ▲ 0.76 (1.85%)
DGKC 88.30 Decreased By ▼ -1.86 (-2.06%)
FCCL 35.00 Decreased By ▼ -0.08 (-0.23%)
FFBL 67.35 Increased By ▲ 0.85 (1.28%)
FFL 10.61 Increased By ▲ 0.46 (4.53%)
HUBC 108.76 Increased By ▲ 2.36 (2.22%)
HUMNL 14.66 Increased By ▲ 1.26 (9.4%)
KEL 4.75 Decreased By ▼ -0.11 (-2.26%)
KOSM 6.95 Increased By ▲ 0.10 (1.46%)
MLCF 41.65 Decreased By ▼ -0.15 (-0.36%)
NBP 59.60 Increased By ▲ 1.02 (1.74%)
OGDC 183.00 Increased By ▲ 1.75 (0.97%)
PAEL 26.25 Increased By ▲ 0.55 (2.14%)
PIBTL 5.97 Increased By ▲ 0.14 (2.4%)
PPL 146.70 Decreased By ▼ -1.70 (-1.15%)
PRL 23.61 Increased By ▲ 0.39 (1.68%)
PTC 16.56 Increased By ▲ 1.32 (8.66%)
SEARL 68.30 Decreased By ▼ -0.49 (-0.71%)
TELE 7.23 Decreased By ▼ -0.01 (-0.14%)
TOMCL 35.95 Decreased By ▼ -0.05 (-0.14%)
TPLP 7.85 Increased By ▲ 0.45 (6.08%)
TREET 14.20 Decreased By ▼ -0.04 (-0.28%)
TRG 50.45 Decreased By ▼ -0.40 (-0.79%)
UNITY 26.75 Increased By ▲ 0.35 (1.33%)
WTL 1.21 No Change ▼ 0.00 (0%)
BR100 9,809 Increased By 41.1 (0.42%)
BR30 29,711 Increased By 311.1 (1.06%)
KSE100 92,406 Increased By 468.1 (0.51%)
KSE30 28,874 Increased By 129.9 (0.45%)

LONDON: US travel management firm CWT paid $4.5 million this week to hackers who stole reams of sensitive corporate files and said they had knocked 30,000 computers offline, according to a record of the ransom negotiations seen by Reuters.

The attackers used a strain of ransomware called Ragnar Locker, which encrypts computer files and renders them unusable until the victim pays for access to be restored. The ensuing negotiations between the hackers and a CWT representative remained publicly accessible in an online chat group, providing a rare insight into the fraught relationship between cyber criminals and their corporate victims.

CWT, which posted revenues of $1.5 billion last year and says it represents more than a third of companies on the S&P 500 US stock index, confirmed the attack but declined to comment on the details of what it said was an ongoing investigation.

"We can confirm that after temporarily shutting down our systems as a precautionary measure, our systems are back online and the incident has now ceased," it said in a statement.

"While the investigation is at an early stage, we have no indication that personally identifiable information/customer and traveller information has been compromised."

Comments

Comments are closed.