Make them pay: Hackers devise new tactics to ensure ransomware payment

Ransomware remains one of the biggest cybersecurity threats that organizations and governments continue to face. However, hackers are devising new ways to extract ransom from their victims as organizations make a conscious call to reject ransom payment demands.

With the downfall of the most well-known ransomware gang, Conti, in May 2022, it was assumed that ransomware attacks would see a major decline. However, Tenable found that 35.5% of breaches in 2022 were the result of a ransomware attack, a smaller decrease of 2.5% from 2021.

Meanwhile, payouts to ransomware victims declined by 38% in 2022, prompting hackers to adopt more professional and corporate tactics to secure higher returns, according to Trend Micro’s Annual Cyber ​​Security Report.

“Cybercriminals have more and more KPIs and targets to achieve. There are specific targets that need to be penetrated in a specific time period. It has become a highly organized crime due to the business model followed by ransomware groups for which they have started increasing pressure,” said Maheswaran S, Country Manager, Varonis Systems.

The double extortion tactic

One of the tactics increasingly used by ransomware groups is double extortion. In the double extortion method, the ransomware group, in addition to encrypting files on the victim’s systems, also downloads sensitive information from the victim’s machine.

“This gives them more power because now it’s not just about decrypting the locked data, it’s also about leaking it,” said Mehardeep Singh Sawhney, a threat researcher at CloudSEK.

Copyright © 2023 IDG Communications, Inc.

Source link

Hackers are constantly evolving their tactics, and the newest ransomware trend shows how desperate they are to ensure payment. Ransomware is a type of malicious software that is used to hold a person or organization’s data hostage until a payment is made. Recent ransomware attacks have been more sophisticated, leaving organizations helpless and with no other choice but to pay.

At Ikaroa, our team of cybersecurity professionals have been closely monitoring the latest ransomware attacks. Our experts have observed that, in some instances, hackers have been using social engineering tactics to fuel their ransomware campaigns. The tactic involves phishing emails sent to individual employees, convincing them to provide sensitive information, such as usernames and passwords, to a website and convince them to install malicious software. Then malware will infect their system, encrypting and stealing data until a ransom is paid.

In other cases, hackers are increasingly using ‘double extortion’ tactics. This involves attackers not only encrypting data, but also stealing it, then using a form of psychological blackmail in order to pressure their targets into paying the ransom demand. They threaten to publish the data if the ransom is not paid. This strategy has proven effective, with victims often deciding it is better to pay rather than face security breaches and public humiliation from having their data released to the public.

At Ikaroa, we take the security of our customers and the community very seriously. Our team is trained to detect and respond to the latest threats, so our clients can be assured that their data and resources remain safe from ransomware attacks. Our security system is designed to detect and isolate malicious activity and is regularly updated with the latest threat intelligence.

Ransomware attackers are becoming more and more sophisticated in their tactics, and organizations need to be vigilant in order to remain safe. With the help of organizations like Ikaroa, your business can stay safe and secure. We take the security of your organization seriously, so you can be confident knowing your data is safe and secure.


Leave a Reply

Your email address will not be published. Required fields are marked *