In the last decade, ransomware has become a formidable threat not only to individuals but also to corporations and critical infrastructure worldwide. Here’s an overview of ransomware attacks that shook the world with their astounding ransom demands.
- CNA Financial Corporation
Came into the spotlight this year by paying a $40 million ransom to address a Phoenix CryptoLocker attack. This marks it as one of the largest confirmed ransom payments ever in the United States. This payment highlights how expensive the consequences of compromised cybersecurity can be (DataProt). - Colonial Pipeline Company
Also wasn’t spared from this terror. In May 2021, this company shelled out $4.4 million to the DarkSide ransomware group. Although the payment was made, the group eventually provided a decryption tool for all affected users. Ironically, despite paying, there was still uncertainty regarding the security of their data (DataProt) (Comparitech). - JBS USA Holdings, Inc.
A giant in the food processing industry, was forced to pay $11 million to the REvil group in June 2021 to address an attack that targeted their critical infrastructure and supply chain. This event demonstrates how extensive the impact of cyberattacks can be on vital sectors (DataProt). - CWT Global
Found itself in tense negotiations after being attacked by the Ragnar Locker ransomware in July 2020. Initially demanded $10 million, this travel services company ultimately agreed to a payment of $4.5 million. This story illustrates how complex and difficult the negotiation situation can be with hackers (Heimdal Security). - Los Angeles Hospital (using Locky ransomware)
A hospital in Los Angeles was forced to pay $17,000 in February 2016 when the Locky ransomware locked access to their systems, including files critical to medical operations. Although this amount seems small compared to others, it indicates how vulnerable the healthcare sector is to cyberattacks (DataProt).
Ransomware is clearly not just a technical problem, but also a financial and operational one that can threaten the survival of an organization. Victims not only lose money, but also time, data, and sometimes—public trust.
