Security Awareness Training Blog

    Approaching Ransomware Victims Privately

    Approaching Ransomware Victims PrivatelyResearchers at KELA warn that ransomware gangs are increasingly refraining from mentioning their victims’ names after the initial attack, giving the victims a chance to pay up before the attack is publicized. This puts an additional layer of pressure on the victim to pay quickly, because it may allow them to avoid the reputational damage that’s among the biggest threats a victim faces. If the victim refuses to pay, the attackers can then publish their name and threaten to release the stolen data.

    “KELA observed a few ransomware groups using relatively new intimidating methods which include publishing a victim without mentioning the company’s name,” the researchers write. “For example, Midas published a few victims claiming ‘a new company’ as their victim on their data leak site. If the victim did not pay, Midas would edit the post and add the victim's name. Lorenz ransomware gang adopted the same practice and published a ‘new target company’ on their ransomware blog. Additionally, Everest data leak site operators used the same method: a Canada-based supplier was listed with a threat to leak 96 gigabytes of the company's data, including over 10,500 personal records of Canadian citizens.”

    The prolific ransomware gang Conti has adopted a similar tactic, using hidden blog posts to threaten the victims.

    “In comparison to Everest and Lorenz who maintain ambiguity regarding victims’ names, Conti’s leaked chats showed that the gang prepared hidden blog posts about victims that can be accessed only via a specific URL,” KELA says. “The actors share this hidden blog post with a victim to intimidate them by showing how easily the victim’s data can be accessed. If a victim agrees to pay, the post is never released; if the negotiation fails, the blog becomes publicly accessible, and the victim’s name is disclosed.”

    New-school security awareness training can give your employees an essential layer of defense against ransomware attacks by teaching your employees to thwart phishing and other social engineering attacks.

    BleepingComputer has the full story.

     

    Return To KnowBe4 Security Blog

    A Master Class on IT Security: Roger Grimes Teaches Ransomware Mitigation

    Cyber-criminals have become thoughtful about ransomware attacks; taking time to maximize your organization’s potential damage and their payoff. Protecting your network from this growing threat is more important than ever

    RogerMasterClass-FeatureImage (1) (1)
    Join Roger Grimes, Data-Driven Defense Evangelist at KnowBe4,  for this thought-provoking webinar to learn what you can do to prevent, detect, and mitigate ransomware. You'll learn:

    • How to detect ransomware programs, even those that are highly stealthy 
    • Official recommendations from the Cybersecurity & Infrastructure Security Agency (CISA)
    • The policies, technical controls, and education you need to stop ransomware in its tracks
    • Why good backups (even offline backups) no longer save you from ransomware

    Watch Now

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://info.knowbe4.com/ransomware-master-class

    Topics: Ransomware

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe To Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews