Fraud Management & Cybercrime , Fraud Risk Management , Ransomware
Ragnar Locker's Facebook Ad Stunt a Harbinger of New ApproachesThe gang behind the Ragnar Locker ransomware posted an ad on Facebook in an attempt to publicly shame a victim so it would pay a ransom. Security experts say the innovative tactic is indicative of things to come.
See Also: Palo Alto Networks Ignite 20: Discover the Future of Cybersecurity, Today
Earlier this week, the cyber gang hacked into a random company's Facebook advertising account and then used it to buy an ad containing a press release stating Ragnar Locker had breached the Italian liquor company Campari and demanded it pay the ransom or see its data released. The security firm Emsisoft provided an image of the ad to Information Security Media Group.
"What we're seeing right now is the rise of ransomware 2.0," says Dmitry Bestuzhev, a researcher at the security firm Kaspersky. "By that I mean, attacks are becoming highly targeted and the focus isn't just on encryption; instead, the extortion process is based around publishing confidential data online."
Start of a Trend?
Security experts say ransomware gangs increasingly will try new stunts to force their targets to pay up.
"I've not seen a play like this before, but it's not at all surprising. Ransomware groups push out press releases and do media outreach, so this was a logical extension," says Brett Callow, threat analyst with Emsisoft.
Chris Hauk, consumer privacy champion at Pixel Privacy, says "Facebook shaming" could be an effective method of pressing for a ransom payment by publicizing a breach to a targeted company's customers.
"While I hesitate to say I am entertained by the creative methods the bad actors of the world are using to pressure companies to pay after a ransomware incident, I will admit I am intrigued," Hauk says.
The Ransomware Attack
Campari said in a Nov. 2 statement that it had been struck by ransomware the previous day. On Nov. 6, the company issued an update saying some systems were encrypted and some data had been lost, although at that time it did not know the extent of the damage.
On Nov. 9, Campari reported some systems had been recovered but others remained "temporarily and deliberately either suspended or operating with limited functionality across multiple sites, awaiting their sanitization or rebuild in order to resume all systems in a fully secure way."
Ragnar Locker's Evolution
The Ragnar Locker ransomware gang first came onto the scene in 2019 but remained off most radar screens until the first half of this year when it began a series of highly targeted attacks.
Like Maze, the Ragnar Locker gang steals its victim's data prior to encryption and, if the ransom is not paid, it posts samples on its leak site, according to a Kaspersky report.
Whatever It Takes
As more organizations improve their ability to recover from a ransomware incident, cybercrime syndicates are devising new strategies to win ransom payments.
In October, for example, Finnish mental health provider Vastaamo reported that, after it refused to bow to the ransom demands of attackers following a breach, the threat actors threatened patients with exposure of their data if the demands were not met (see: Patients Blackmailed 2 Years After a Breach).
"This indicates that these bad actors are willing to do whatever is needed to increase their return on investment, even if it means ruining innocent victims' lives," Hauk says.
Kaspersky's Bestuzhev says an extortion approach that includes posting data opens the victim to a variety of legal issues.
"Doing so puts not just companies' reputations at risk but also opens them up to lawsuits if the published data violates regulations like HIPAA or [the EU's] General Data Protection Regulation. There's more at stake than just financial losses," Bestuzhev says.
Brian Higgins, security specialist at Comparitech, notes: "Criminal organizations will always seek to exert maximum pressure for minimum effort in order to force their victims to pay up."
"tactic" - Google News
November 14, 2020 at 02:42AM
https://ift.tt/3eZItUA
Ransomware Gang Devises Innovative Extortion Tactic - BankInfoSecurity.com
"tactic" - Google News
https://ift.tt/2NLbO9d
Shoes Man Tutorial
Pos News Update
Meme Update
Korean Entertainment News
Japan News Update
Bagikan Berita Ini
0 Response to "Ransomware Gang Devises Innovative Extortion Tactic - BankInfoSecurity.com"
Post a Comment