Ransomware gangs leaking data stolen from victims has appeared as a disturbing trend, with the primary reason ostensibly being to prompt their targets to pay sooner than later. Data theft has always been an often-unnoticed cyber risk in ransom scenarios, but now recent research is revealing that hackers are increasingly adopting this tactic in direct response to efforts to curb attacks. This strategy adds a new dimension to the already frightening predictions for malware surges in 2020 with the shift to the new normal and more employees working from home.
Here are the key items to know about the rise of hackers stealing data during ransomware attacks:
Hackers Leak Data to Incentivize Payment
Cybercrime has always relied on human error and emotion to execute on hacking campaigns and short-term goals, and this latest trend is a direct counterattack to the backlash against encryption attacks. Ransomware gangs frequently attempt to leverage the desperation of their victims by providing an air of courteousness, making payment seem like both a simple transaction and better than the alternative. These efforts to cultivate an agreeable reputation masks the lasting damage ransomware infections have, but momentum has progressively shifted against cooperation.
Between public opinion and regulatory action, there is a growing stigma against interacting with ransomware gangs in any form. Threatening to expose data is the next logical move for these cybercriminal groups as it reinforces the seriousness of their demands and the consequences of noncompliance.
Legal, Healthcare and Finance Industries the Most Targeted
Businesses and institutions that are becoming the biggest target of this new tactic are those that the biggest incentive not to lose their data, such as legal firms, healthcare providers and financial services. In many of these sectors, personal data is a critical component of their operations and its exposure or loss could result in consequences for multiple stakeholders. Hackers are well aware of this and purposefully look for victims that too much to lose if they do not comply.
However, this group will very likely expand as data privacy laws taking root in states like California and New York compel businesses to both protect consumer information better as well report any potential theft. Once data is confirmed to have been stolen by an external party, companies could face greater losses than just from the ransomware itself.
Data Leaks an Increasingly Popular Tactic
Examples of this emerging strategy have already made their way into the news as several unfortunate victims across the world have had their data breach exposed in various ways. One of the most popular now is the use of “data shaming,” which typically sees the victim listed on a website or online forum explaining how they had been hacked. This listing remains until the ransomware gang finds a “buyer” for the data, most often the victim paying the ransom but can also include another party purchasing the information.
Ransomware Surging with Remote Work
So many individuals working from home in the midst of COVID-19 has contributed to a potential attack surface expansion for businesses nationwide, and hackers are trying their best to exploit it. Ransomware gangs have reemerged in the spotlight as one of the most prolific cybercriminal elements in the pandemic owing to so many easy victims for these attacks, which rely on volume. With how many remote workers rely on unsecure home devices and networks to access business data, all it takes is persistence for hackers to identify and breach someone to piggyback on for greater network access.
Stop Hackers from Using Your Own Data Against You
These are uncertain and chaotic times, and cybercriminals have historically become more active during these types of periods, trying to take advantage of emotionally vulnerable victims. Don’t let disruptions distract from your network security – reach to SWK for help with deploying around the clock protection to help defend against data breaches.
Contact SWK Technologies today and learn how to spot and stop the preludes to a ransomware encryption attack.