Hacked German IT Services Company Defies Ransom Demand

Not all online ransom demands focus on encrypting the victim's data. Some online extortion threatens public exposure. German IT services company CityComp faced that prospect after online criminals hacked its network.

Motherboard reported this week that hackers have successfully targeted the company, which provides IT support and maintenance services to enterprise clients. CityComp says that it maintains over 70,000 servers and storage systems across 75 countries, along with 500,000 other hardware units, ranging from PCs and workstations through to printers and cash registers.

The attackers claimed to have stolen the company's client data, amounting to 516 GB of financial and private information on all clients, stretching across over 300,000 files. The details affect clients including Leica, Toshiba, British Telecom, and Oracle. While some companies only have a handful of files available for download, others have hundreds, Motherboard said.

The hack reportedly happened at the start of April. Rather than encrypting files and charging the victim to get them back, these criminals have chosen a different tack. They attempted to blackmail CityComp, asking for $5000 and warning that if it didn't pay, they would dump the files online for all to see. They published a sample of the information on a site on the dark web this week and vowed to publish all of them at the end of April.

According to Motherboard, the hackers' site on the dark web includes an email address to contact them that is also linked to at least one previous ransomware campaign.

The Register has spoken to those who saw the sample data, who said that it contains things like contact information, meeting notes, and IT equipment inventories including model numbers and specifications. This could be useful for other attackers hoping to profile potential victims' infrastructure.

The topic of Threats, Exploits and Vulnerabilities will be covered throughout the free-to-attend conference at Infosecurity Europe in London from 4-6 June. See all the talks on Threats, Exploits and Vulnerabilities here. Infosecurity Europe is the leading European event for information and cyber security; find out more and secure your free visitor badge.

What’s Hot on Infosecurity Magazine?