Israeli Software Firm Goes Behind Regulator's Back to Pay $250,000 in BTC Ransom

Published at: June 15, 2020

An Israel-based company reportedly paid $250,000 in Bitcoin for a ransom payment demanded by hackers that threatened to shut down its systems after a ransomware attack.

According to a source quoted by Calcalist on June 14, Sapiens International Corp. N.V. — a Nasdaq and Tel Aviv-listed software company — didn’t report the decision to the securities’ regulators of either the U.S. or Israel.

The ransomware attack happened at some point between March and April, when the COVID-19 outbreak exploded across the globe, forcing most of the company’s employees to switch to remote work.

A suspected security breach during the early stage of the COVID-19 outbreak

Sapiens employs around 2,500 people globally, and 900 of them are in Israel. Although there are no further details on what ransomware gang is behind the attack, the hackers could have taken advantage of the security weaknesses discovered during migration to remote work.

The company has not officially referenced the attack, neither to confirm nor deny the ransom payment in Bitcoin (BTC) reported by the Israeli media.

Most of Sapiens’ client base is located in the U.S. and Europe, while its secondary markets are in South Africa and Asia Pacific.

Sapiens’ ransom payment is higher than the average

The article highlights that the figure is high for a ransomware attack, considering that a report from the cyber company Coveware said in 2019 that the average ransom request in 2019 was $40,000, and the average attack lasted 12 days.

In early June, Cointelegraph reported that the NetWalker ransomware gang had attacked Michigan State University, or MSU. At the time, the gang threatened to leak students’ records and financial documents. However, the university’s officials said that they will not pay the ransom.

Tags
Related Posts
California University Pays Million-Dollar Crypto Ransom
The University of California at San Francisco School of Medicine reportedly paid a $1.14 million ransom in cryptocurrencies to the hackers behind a ransomware attack on June 1. According to CBS San Francisco, the UCSF IT staff first detected the security incident, stating that the attack launched by NetWalker group affected “a limited number of servers in the School of Medicine.” Although the areas were isolated by experts from the internal network, the hackers left the servers inaccessible and managed to deploy the ransomware successfully. A statement published by the University of California said: “The data that was encrypted is …
Technology / June 30, 2020
Knoxville Is the Latest American City to Suffer a Ransomware Attack
An unidentified ransomware gang attacked the city of Knoxville, Tennessee’s IT network, forcing officers to shut down all systems on June 12. According to local news station WVLT, the attack took place sometime between June 10–11, encrypting all files within the network infrastructure. The attack forced workstations of the internal IT network to be shut down, which also disconnected internet access from the mayor’s infrastructure, public website, and even the Knoxville court. The FBI is currently assisting in the investigation, although the identity of the ransomware group behind the attack has not yet been revealed. The official statement from the …
Technology / June 15, 2020
Robotics Company Falls Prey to Ransomware Attack
Ransomware gang REvil, known for launching stolen data auctions on the dark web, is now leaking sensitive documents stolen from a US-based robotics company. According to an official blog post from REvil on June 11, the team has started leaking confidential data belonging to Symbotic LLC. The post noted: “You do not want to speak with us and you probably think that we will not publish your data. We are already publishing.” The cybercriminal group stated that they’d created a website and paid for the hosting for a year. They threatened to make the robotics company’s data visible for “a …
Technology / June 12, 2020
Ransomware Gang Strikes Again With More Auctions Listing Stolen Data
Ransomware group REvil has started another auction on the dark web listing sensitive data stolen from two US-based law firms. The listing appeared June 6 through REvil’s official blog on the darknet, where bidders look to acquire 50GB of data from Fraser Wheeler & Courtney LLP and 1.2TB of data from the database of Vierra Magen Marcus LLP. Information auctioned includes client information, internal documentation of the company, electronic correspondence, patent agreements, business plans and projects, as well as new technologies that have yet to be patented. IP-related law firm among the victims The law firm Vierra Magen Marcus LLP …
Technology / June 8, 2020
Report: Ransom Costs for Stolen Data Rose 200% From 2018 to 2019
On average, the ransom demanded by cryptocurrency ransomware hackers increased by 200% from 2018 to 2019. According to a report published on June 5 by cybersecurity firm Crypsis Group, the average ransom demanded by cryptocurrency ransomware groups in 2019 reached $115,123. The median ransom, on the other hand, increased by 300% from 2018’s first quarter to the last quarter to 2019, reaching over $21,700. According to Crypsis Group, ransoms have grown as hackers increasingly target enterprises and select victims who are able to pay higher sums. Just yesterday, Cointelegraph reported that ST Engineering Aerospace’s United States subsidiary fell victim to …
Technology / June 8, 2020