Ransomware Cyberattackers Now Releasing Stolen Data To The Public
Cyberattackers using ransomware for money extortion have recently adopted a new strategy to force victims into succumbing to their threats – releasing sensitive stolen information to the public. This new strategy was brought to light by a recent cyberattack by the Maze Ransomware strain.
Typically, ransomware cyberattacks force victims to pay ransom fees by locking and encrypting their files behind paywalls. If the business or government that is hit does not have sufficient backups, they suffer major damages to productivity. Because the cost of the attack increases with each passing day that productivity is lost, these organizations opt to pay the ransom fee in order to resume daily functions. While cyberattackers also often threaten to release the files to the public, it is often believed that these threats were bluffed and that the attackers did not actually have access to the files.
The Maze Ransomware confirmed that cyberattackers can indeed access and release the files to the public. In a recent ransomware attack involving the “maze ransomware” this November, victim company Allied Universal refused to pay a ransom fee of 300 bitcoin (around $2.5 Million USD at the time). The cyberattackers then followed through on their threats and released around 700 MB of sensitive data to the public.
How are computer being infected with Maze?
Cybersecurity professional Jerome Segura discovered that Maze Ransomware was being spread via a fake cryptocurrency exchange webpage. It is believed that the ransomware was being distributed alongside another exploit, the ‘Fallout exploit kit”, which exploits security holes in Adobe Flash and Windows OS.
Another method of transmission is through malicious email attachments. An example of this was discovered by cybersecurity professional JAMESWT, who discovered a phishing campaign that targeted the Italian population by pretending to be the Italian revenue agency.
Previously, maintaining updated backups was sufficient best practice to protect against ransowmare attacks, as their leverage hinged on the amount of damage that is done to company productivity. In light of the new strategy of data leakage, ransomware protection has to put greater emphasis on preventative measures rather than reactive measures.
This can include strategies such as:
-Educating your employees on proper cyber hygiene and signs to look for when identifying fake emails
-maintaining strict information privilege matrices in the company so that sensitive data is kept on a need-to-access basis.
-strengthening firewalls and keeping software up-to-date
GIGE IT Solutions specializes in designing and managing your IT security for your company. Don’t be the next ransomware victim, and call us at +1 888 366 4443 to get started right away.