‘Swatting’ Becomes the Latest Extortion Tactic in Ransomware Attacks

Stu Sjouwerman | Jan 18, 2024

Swatting Ransomware AttacksRather than stick to traditional ransomware extortion methods that revolve around the attack itself, a new form of extortion known as Swatting puts the focus on the victim organization’s customers.

A somewhat unexpected mode of extortion appears to be popping up in attacks targeting medical institutions.  According to Dark Reading, cybercriminals are making repeat prank calls to police about individuals that are patients impacted by a data breach of a medical facility they are a customer of. 

By notifying the victim organization of the intent to “swat” their patients, the organizations will pay.

I’m not so convinced. But that doesn’t mean these threat actors won’t continue the tactic.

But this small evolution in extortion tactics does signal that ransomware gangs are realizing that organizations are aware of and are preparing themselves for the “traditional” tactics and their impacts. This is why ‘swatting’ makes sense; it’s out of left field, really.

It’s something the organization cannot truly prepare for, as these attacks could expose medical organizations to lawsuits, as victim patients will be able to demonstrate in court that they have been harmed by the repeat harassment and potential trauma of armed police visits.

This latest mode of extortion is a great example of why it’s critical to put the greatest emphasis on stopping an attack from ever happening – something new-school security awareness training helps to accomplish. No matter how prepared you are, the cybercriminal is going to think of something you haven’t. 

KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Test Your Network’s Defenses with our Free Ransomware Simulator

When employees bypass guidance and fall for social engineering, your network security is the last line of defense. Run our 100% harmless RanSim tool on Windows 10+ workstations to safely simulate 25 ransomware and cryptomining infection scenarios, pinpoint technical vulnerabilities, and get your results in minutes.

Launch Your Free Ransomware Simulation

Secure the Digital Workforce: Human + AI

KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.