CDK Global cyberattack: Cleveland will not negotiate with cyberattackers | What happens if they don’t pay the ransom?
CDK Global is dealing with the ransomware attack it suffered, while another victim of a similar breach has said they will not negotiate with cyberattackers.
A ransomware attack on CDK Global and their commercial software for selling vehicles brought thousands of car dealerships to a standstill all over the country. Although some services to the company’s products have been restored, some dealerships were still experiencing outages.
CDK Global is still in the process of dealing with the cybersecurity breach, while another victim of a cyber attack has put its foot down and said it will not pay the ransom demanded by cybercriminals.
READ ALSO: CDK hit by another cyberattack: Critical situation forces company to shut down systems on June 20
Cleveland will not negotiate with cyberattackers
Threat actors attacked the City of Cleveland’s systems less than two weeks ago and the city says they will not give in to the demands of the criminals. According to News 5 Cleveland, the city government refused to answer questions about the ransom, with an official saying they cannot share details of the demand as a matter of security.
Cleveland employees have been coping with challenges to provide services to the city’s residents. However, city officials say not all systems were attacked. It is also not immediately clear how the bad actors carried out the attack and which data they were able to obtain.
READ ALSO: Second major cyberattack on car dealerships this month raises questions about security
What happens if the City of Cleveland doesn’t pay the ransom?
Some companies who are victims of ransomware attacks decide to pay the demand because the data stolen by the cybercriminals is so sensitive that its release would have devastating consequences for the organization. However, paying the fee is likely to trigger more demands, and further funds the activities of the attackers.
In the case of Cleveland, deciding not to pay may result in manageable losses, if the information that the criminals stole was non-essential. The decision indicates they are confident that they will be able to recover whatever information may have been lost.
However, the City of Cleveland could face bigger problems if the data breach involved personal identifiable data. If the information is released on the dark web or elsewhere, the office may face class action lawsuits from the people whose information was compromised.