How did CDK Global end the cyberattack from last month? Latest news on the ransom
Recently, CDK Global said that “substantially all” of its customers could once again use the software systems it provides. Here’s how the outage was fixed.
Last month, CDK Global was hit by back-to-back cyberattacks that forced almost 15,000 dealerships that rely on the company’s management software to temporarily suspend operations or go back to paper and pen. The company was finally able to restore service to “substantially all” of its customers after nearly two weeks.
The cybercriminals who hacked into the company’s systems were reportedly demanding a multimillion-dollar ransom to return the stolen data.
How did CDK Global end the cyberattack from last month? Latest news on the ransom paid
According to experts who track cryptocurrency payments and spoke to CNN, it appears that CDK Global paid off the cybercriminals. Chris Janczewski, head of global investigations at crypto-tracking firm TRM Labs, told the outlet that on 21 June, 387 bitcoin was transferred to an account controlled by those affiliated with BlackSuit, an established ransomware group. That would have been the equivalent of roughly $25 million at the time.
CDK Global has not responded to CNN’s request for comment. And while those investigating cannot say for certain that it was the software provider that made that payment, they feel that the company was “very likely the source of that payment.”
Following cryptocurrency transactions can be complicated. However, the investigators were able to collect data from the blockchain that underpins such payments.