CWT Travel Agency Faces $4.5M Ransom in Cyberattack, Report

The corporate-travel leader has confirmed an attack that knocked systems offline.

CWT, a giant in the corporate travel agency world with a global clientele, may have faced payment of $4.5 million to unknown hackers in the wake of a ransomware attack.

Independent malware hunter @JAMESWT tweeted on Thursday that a malware sample used against CWT (formerly known as Carlson Wagonlit Travel) had been uploaded to VirusTotal on July 27; he also included a ransom note indicating that the ransomware in question is Ragnar Locker.

In a media statement to Threatpost, CWT confirmed the cyberattack, which it said took place this past weekend: “We can confirm that after temporarily shutting down our systems as a precautionary measure, our systems are back online and the incident has now ceased.”

@JAMESWT also reported that the ransom demanded clocked in at 414 Bitcoin, or about $4.5 million at the current exchange rate. A CWT spokesperson declined to comment on whether the ransom was paid, or any technical details of the attack, or how it was able to recover so quickly.

Despite assurances of recovery, the impact of the incident could be wide: CWT says that it provides travel services to 33 percent of the Fortune 500 and countless smaller companies. And according to the ransom note uploaded by @JAMESWT, the hackers claim to have downloaded 2TB of the firm’s data, including “billing info, insurance cases, financial reports, business audit, banking accounts…corporate correspondence…[and] information about your clients such as AXA Equitable, Abbot Laboratories, AIG, Amazon, Boston Scientific, Facebook, J&J, SONOCO, Estee Lauder and many others.”

If true, the tactic fits in with the one-two punch trend that many ransomware operators have taken of late – locking up files, but also stealing and threatening to release sensitive data if victims don’t pay up. Such was the case of celebrity law firm Grubman Shire Meiselas & Sacks, which was hit with the REvil ransomware in May. Attackers threatened to leak 756 gigabytes of stolen data, including personal info on Lady Gaga, Drake and Madonna.

And in fact, the attackers behind the Ragnar Locker ransomware in particular are known for stealing data before encrypting networks, as was the case in April, in an attack on the North American network of Energias de Portugal (EDP). The cyberattackers claimed to have stolen 10 TB of sensitive company data, and demanded a payment of 1,580 Bitcoin (approximately $11 million).

“Ragnar Locker is a novel and insidious ransomware group, as Portuguese energy provider EDP found out earlier this year,” Matt Walmsley, EMEA director at Vectra, said via email. “Mirroring the ‘name and shame’ tactic used by Maze Group ransomware, victim’s data is exfiltrated prior to encryption and used to leverage ransomware payments. The bullying tactics used by these ransomware groups are making attacks even more expensive, and they are not going to stop any time soon, particularly within the current climate.”

#breach #malware #data analysisa

What is GEEK

Buddha Community

CWT Travel Agency Faces $4.5M Ransom in Cyberattack, Report

Clovis Halvorson

1624519148

Top 6 Alternatives To Hugging Face

With Hugging Face raising $40 million funding, NLPs has the potential to provide us with a smarter world ahead.

In recent news, US-based NLP startup, Hugging Face has raised a whopping $40 million in funding. The company is building a large open-source community to help the NLP ecosystem grow. Its transformers library is a python-based library that exposes an API for using a variety of well-known transformer architectures such as BERT, RoBERTa, GPT-2, and DistilBERT. Here is a list of the top alternatives to Hugging Face .

Watson Assistant

LUIS:

Lex

Dialogflow

#opinions #alternatives to hugging face #chatbot #hugging face #hugging face ai #hugging face chatbot #hugging face gpt-2 #hugging face nlp #hugging face transformer #ibm watson #nlp ai #nlp models #transformers

Vern Greenholt

1596386640