A hacker, or an “unidentified actor,” is holding the company CD Projekt Red to ransom in a ransomware attack.

The “unidentified actor” left a readme file, stating that the company has 48 hours to contact them, or files of their administration, investors, and accounting documents will be dumped. 

They also state that they will sell the source code of games copied from CDPR servers, namely Cyberpunk 2077, The Witcher 3, and Gwent.

CDPR has responded that it will not negotiate and has taken the next steps to brace for the damage the “unidentified actor” might cause.

Javvad Malik, Security Awareness Advocate at KnowBe4, has weighed in on the CDPR debacle.

“We’ve seen ransomware evolve, not only is it enough for criminals to encrypt data, but they will spend time within the victim’s organization, stealing valuable data, working out which data is worth encrypting, and how much they should set the ransom at.

In many cases, these criminals go undetected in victim organizations for many months at a time.

So, it’s important that organizations have the right controls in place to prevent these attacks from being successful in the first place and have some form of monitoring and threat detection in place to see when they have been breached and to respond quickly.

The ransom demands are interesting because the criminals know that the organization can likely recover from backups. In this case, the ransomware itself isn’t the issue – it’s more of a statement to signal that they have breached the organization. The fact that the ransom note was addressed to them shows it was a targeted attack.

While ransomware itself can cause issues and not everything may be backed up, the real demand for payment is in exchange for the criminals not leaking the information they’ve stolen. However, the issue with this approach is that even if the victim pays the money, there is no way to guarantee the criminals will actually delete the data.”


