Malaysia’s leading fully integrated media company, Media Prima Berhad, has recently fallen victim to a ransomware attack. According to reports, its systems have been locked and the attackers are demanding a ransom of 1000 bitcoins (currently valued at US$ 6.45 million) to release the infected systems. However, the type of ransomware has not yet been confirmed.
Media Prima has yet to issue an official statement. However, the powerhouse reportedly won’t be giving in to the attackers’ demands, since ‘only’ its email systems were affected. The powerhouse had already migrated to G Suite, Google’s mail product, which runs independently of its local servers.
Source- NST
Such ransomware lockouts come with a timer that sets a deadline for payment. If the ransom is not paid before the deadline, the decryption keys are destroyed and the files are lost forever. Ransomware attacks rarely lead to a data breach; in similar past attacks, the outcome has mostly been data loss.
It is also speculated that the attack might have been targeted rather than random. One, the powerhouse had shifted to G Suite, which extensively scans attachments for all malware and ransomware. This eliminates the chances of accidentally opening an attachment carrying the payload. Two, 1000 bitcoins seems quite a large figure to be associated with the work of known ransomware creators. The demand seems fair only for a large organization like Media Prima. Assuming the attack was specifically engineered and targeted, the attacker either had access to the physical network or was able to get an employee on board to deploy the payload from within the internal network.
Source- Pokde.com
However, it seems like Media Prima is avoiding any such news. It’s been a while and no official announcement has been made by the company regarding this.
Source- Lowyat.net