- Ransomware attacks now often understand more than simple figure
- In many cases, the attackers threaten victims of violence
- They also submit relations with the dry
Ransomware gangs seem desperate when it comes to achieving results, as in addition to encrypting and fleeing data on the web, they also started to threaten CEOs with physical violence.
Semperis cybersecurity researchers say in the past 12 months, in 40% of ransomware incidents, the CEOs of the affected company have also been physically threatened – which reached 46% among American organizations.
But even payment may not be sufficient, because research has noted more than half (55%) of organizations that have paid for a request have done so several times, with almost a third (29%) of these companies paying three times or more, and 15%have not even sent decryption keys or have received corrupt keys.
Physical violence
The threat of lodging a regulatory complaint also seems to be a popular tactic, noted Semperis. It was observed in 47% of attacks, going 58% in the United States.
In 2023, the famous BlackCat Ransomware Group reported one of his victims to the dry to make them pay, with this tactic because of the growing regulatory requirements concerning Cyber reports
Ransomware has existed for more than a decade, and during this time, it has evolved several times. It started with just encryption, which companies quickly attenuated while keeping the offline backups of all key data.
The criminals then responded by stealing the data first and threatening to release it on the Dark web unless a payment is made. This strategy, known as “double extortion”, works fairly well, so in fact, some criminals have completely abandoned the encryption part and simply focus on theft of files.
However, many companies refuse to move, forcing criminals to even greater extremes.
In some cases, they associate the encryption of the back-end with a distributed denial of service (DDOS) on the front-end, which put the whole business to an emergency stop. Telephone calls to victims organizations have also been observed in a few cases, and now we can also add physical threats to the mixture.
“Although certain circumstances can leave the company in a situation not in the choice, we must recognize that this is a decomposition during the next attack,” noted Mickey Bresman, CEO of Sempris.
“Each dollar given to ransomware gangs feeds its criminal economy, encouraging them to knock again. The only real way to break the scourge of ransomware is to invest in resilience, to create an option not to pay the ransom,” he commented.
