Nearly 700 years ago, England captured King John II of France and held him for ransom for four million écus. But France could not afford to pay, and King John II ultimately traded his two sons as substitute hostages to try and secure his own release.
Today, it is not monarchs and their territorial kingdoms but computer systems and electronic kingdoms of data that are at risk. They are held hostage by foreign hackers who promise a key to unlock them in exchange for a king’s ransom in bitcoin. But unlike France in the 1300s, many companies today can and do pay.
When the cybercriminal group known as DarkSide took Colonial Pipeline’s computer systems hostage, it took less than a day for Colonial’s CEO to agree to pay 75 bitcoins ($4.4 million) to secure its release. It still took several days before the pipeline—a critical supplier of fuel for the eastern United States—was operational again.
And while Colonial’s $4.4 million payment made national headlines, it was well below the eyepopping $40 million that insurer CNA reportedly paid in March 2021 to neutralize a ransomware threat—more than any other publicly disclosed ransom ever paid.
Colonial reportedly had…
