[ALERT] More Than 10% of Ransomware Attacks Now Involve Data Theft / Data Breach

Stu Sjouwerman | Jul 15, 2020

ransomware data theft breachResearch into recent ransomware submissions from TripWire revealed that more than a tenth of crypto-malware infections now involve some element of data theft.

In the second quarter of 2020, ID Ransomware received 100,001 submissions of crypto-malware pertaining to attacks that had targeted organizations and government entities.

Of those attacks, 11,642 involved the theft of victim data by their perpetrators. That’s over 11% of the attacks for that six-month period.

These attacks involved numerous ransomware gangs. In March 2020, for instance, the Nefilim crypto-malware strain began telling its victims that it would publish their stolen data within a week unless they paid their ransom. That was about a month before the security firm learned of Ragnar Locker’s demand of 1580 bitcoin (approximately $11 million) as ransom from Energias de Portuga (EDP), a Portuguese electric utilities company from which the attackers claimed to have stolen 10TB of data. Approximately a month after that, DoppelPaymer published a new entry on its data leaks site for the City of Torrance, CA.

The “City of Torrance, CA” post published on DopplelPaymer’s data leaks site. (Source: Bleeping Computer)

Acknowledging those risks, it’s imperative that organizations work to prevent a ransomware infection in the first place. New-school security awareness training can ensure your users can be able to spot the warning signs and report any suspicious emails. 

TripWire has the full story

Test Your Network’s Defenses with our Free Ransomware Simulator

When employees bypass guidance and fall for social engineering, your network security is the last line of defense. Run our 100% harmless RanSim tool on Windows 10+ workstations to safely simulate 25 ransomware and cryptomining infection scenarios, pinpoint technical vulnerabilities, and get your results in minutes.

Launch Your Free Ransomware Simulation

Secure the Digital Workforce: Human + AI

KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.