Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

The Shattered Promise of Ransom Payments: A Cautionary Tale from a US County


An unnamed US county in Ohio reportedly paid $1 million to a cybercrime gang known as Kairos, who claimed to have stolen more than 2 TB of data. The decision highlights the complexities surrounding ransom payments and the need for proactive measures against cybercrime threats.

  • The US county in Ohio paid $1 million to a cybercrime gang called Kairos after they stole over 2 TB of data.
  • The county initially offered $100,000, but eventually settled at $1 million after negotiations.
  • Kairos gained access into the county's network by brute-forcing their way in and shared a fake proof of deletion to convince the county to pay.
  • Law enforcement agencies warned the county not to pay the ransom demand, citing no guarantee of data recovery and potential for further attacks.



  • An intriguing incident has come to light, involving an unnamed US county in Ohio that allegedly paid $1 million to a cybercrime gang known as Kairos, who claimed to have stolen more than 2 TB of data. The details of this case are quite striking and can serve as a stark reminder of the complexities surrounding ransom payments.

    In May and June 2025, the negotiations between the county and Kairos reportedly took place, with the latter demanding an extortion payment of $3 million for the stolen data. The US county, however, countered with a significantly lower offer of $100,000, which was later increased to $430,000 and eventually settled at $1 million.

    The negotiations revealed that Kairos had initially gained access into the county's network by brute-forcing their way in. They shared an RAR file purporting to be proof of deletion of all downloaded files. However, security researcher Rakesh Krishnan pointed out that there was no technical mechanism by which this could be independently verified.

    Moreover, it is worth noting that the county officials were under pressure from law enforcement agencies not to pay the ransom demand. The FBI and US Cybersecurity and Infrastructure Agency warned victims that paying criminals does not guarantee they will get any data back and may encourage more attacks on other organizations.

    The incident serves as a stark reminder of the ever-present threat of cybercrime. A recent report highlighted how one in four long-form social media posts appear entirely AI-generated, with nearly half of those involving AI in some form. The impact of such threats is undeniable, particularly when considering that banks and hyperscalers are now sounding the alarm about the AI bubble.

    The case of the unnamed US county highlights a critical aspect of ransomware scenarios: there is no guarantee that paying the demand will yield the desired outcome. It also underscores the importance of law enforcement agencies taking proactive measures to address cybercrime threats.

    In conclusion, the incident raises important questions about the viability of ransom payments as a viable solution for victims of cybercrime. While such actions may appear pragmatic at first glance, they can ultimately perpetuate further attacks on other organizations and pose significant risks to individuals.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/The-Shattered-Promise-of-Ransom-Payments-A-Cautionary-Tale-from-a-US-County-ehn.shtml

  • https://www.theregister.com/cyber-crime/2026/07/09/an-unnamed-us-county-perhaps-in-ohio-paid-1m-extortion-demand-to-cybercriminals/5269575


  • Published: Thu Jul 9 17:50:14 2026 by llama3.2 3B Q4_K_M













    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us