AGL 40.00 No Change ▼ 0.00 (0%)
AIRLINK 129.06 Decreased By ▼ -0.47 (-0.36%)
BOP 6.75 Increased By ▲ 0.07 (1.05%)
CNERGY 4.49 Decreased By ▼ -0.14 (-3.02%)
DCL 8.55 Decreased By ▼ -0.39 (-4.36%)
DFML 40.82 Decreased By ▼ -0.87 (-2.09%)
DGKC 80.96 Decreased By ▼ -2.81 (-3.35%)
FCCL 32.77 No Change ▼ 0.00 (0%)
FFBL 74.43 Decreased By ▼ -1.04 (-1.38%)
FFL 11.74 Increased By ▲ 0.27 (2.35%)
HUBC 109.58 Decreased By ▼ -0.97 (-0.88%)
HUMNL 13.75 Decreased By ▼ -0.81 (-5.56%)
KEL 5.31 Decreased By ▼ -0.08 (-1.48%)
KOSM 7.72 Decreased By ▼ -0.68 (-8.1%)
MLCF 38.60 Decreased By ▼ -1.19 (-2.99%)
NBP 63.51 Increased By ▲ 3.22 (5.34%)
OGDC 194.69 Decreased By ▼ -4.97 (-2.49%)
PAEL 25.71 Decreased By ▼ -0.94 (-3.53%)
PIBTL 7.39 Decreased By ▼ -0.27 (-3.52%)
PPL 155.45 Decreased By ▼ -2.47 (-1.56%)
PRL 25.79 Decreased By ▼ -0.94 (-3.52%)
PTC 17.50 Decreased By ▼ -0.96 (-5.2%)
SEARL 78.65 Decreased By ▼ -3.79 (-4.6%)
TELE 7.86 Decreased By ▼ -0.45 (-5.42%)
TOMCL 33.73 Decreased By ▼ -0.78 (-2.26%)
TPLP 8.40 Decreased By ▼ -0.66 (-7.28%)
TREET 16.27 Decreased By ▼ -1.20 (-6.87%)
TRG 58.22 Decreased By ▼ -3.10 (-5.06%)
UNITY 27.49 Increased By ▲ 0.06 (0.22%)
WTL 1.39 Increased By ▲ 0.01 (0.72%)
BR100 10,445 Increased By 38.5 (0.37%)
BR30 31,189 Decreased By -523.9 (-1.65%)
KSE100 97,798 Increased By 469.8 (0.48%)
KSE30 30,481 Increased By 288.3 (0.95%)

LONDON: US travel management firm CWT paid $4.5 million this week to hackers who stole reams of sensitive corporate files and said they had knocked 30,000 computers offline, according to a record of the ransom negotiations seen by Reuters.

The attackers used a strain of ransomware called Ragnar Locker, which encrypts computer files and renders them unusable until the victim pays for access to be restored. The ensuing negotiations between the hackers and a CWT representative remained publicly accessible in an online chat group, providing a rare insight into the fraught relationship between cyber criminals and their corporate victims.

CWT, which posted revenues of $1.5 billion last year and says it represents more than a third of companies on the S&P 500 US stock index, confirmed the attack but declined to comment on the details of what it said was an ongoing investigation.

"We can confirm that after temporarily shutting down our systems as a precautionary measure, our systems are back online and the incident has now ceased," it said in a statement.

"While the investigation is at an early stage, we have no indication that personally identifiable information/customer and traveller information has been compromised."

Comments

Comments are closed.