Research into recent ransomware submissions from TripWire revealed that more than a tenth of crypto-malware infections now involve some element of data theft.
In the second quarter of 2020, ID Ransomware received 100,001 submissions of crypto-malware pertaining to attacks that had targeted organizations and government entities.
Of those attacks, 11,642 involved the theft of victim data by their perpetrators. That’s over 11% of the attacks for that six-month period.
These attacks involved numerous ransomware gangs. In March 2020, for instance, the Nefilim crypto-malware strain began telling its victims that it would publish their stolen data within a week unless they paid their ransom. That was about a month before the security firm learned of Ragnar Locker’s demand of 1580 bitcoin (approximately $11 million) as ransom from Energias de Portuga (EDP), a Portuguese electric utilities company from which the attackers claimed to have stolen 10TB of data. Approximately a month after that, DoppelPaymer published a new entry on its data leaks site for the City of Torrance, CA.
Acknowledging those risks, it’s imperative that organizations work to prevent a ransomware infection in the first place. New-school security awareness training can ensure your users can be able to spot the warning signs and report any suspicious emails.
TripWire has the full story.