ALSO READ: Cyber attack on Antwerp ICT company: “No company is immune from this, no matter how secure”
ITxx was the victim of a hacking on July 2, which encrypted all data and emails of the company and of fifty hosted customers. As a result, ITxx’s customers, mainly SMEs active in human resources, interim offices and service voucher companies, had no access to their IT data or its backups. In the end, the company decided to pay ransom to the attackers, as they had also requested.
“In the interest of our customers, and because experts convinced us that there was no alternative, we proceeded to pay the ransom,” says manager Philippe Van Cauwenbergh. “We are now doing everything we can to get our customers back up and running quickly.”
First demanded 1.5 million
Securec states that the hackers initially demanded 1.5 million dollars, but that that amount could eventually be reduced to 300,000 dollars (about 252,000 euros). “Once it turned out that we would no longer be able to get the backups up and running, ITxx decided after the five-day negotiations to buy the encryption keys, ultimately for a fifth of the initially requested ransom,” said Geert Baudewijns, CEO of Securec. , On.
Securec states that the attack was perpetrated by Conti, the second largest hacker group in the world after REvil. Both hacker groups use botnet servers that lead to Russia. “Earlier this year, the Irish health care system and 16 US health care organizations were also victims of Conti. The fairly new ransomware uses a technique that first steals data and then encrypts it. The hack at ITxx is Conti’s first large-scale attack in Belgium targeting a service provider.” (jvo)
—