A new trend is emerging among ransomware groups where they prioritize stealing data from workstations used by top executives and managers in order to obtain “juicy” information that they can later use to pressure and extort a company’s top brass into approving large ransom payouts. From a report: ZDNet first learned of this new tactic last week during a phone call with a company that paid a multi-million dollar ransom to the Clop ransomware gang. Similar calls with other Clop victims and email interviews with cybersecurity firms later confirmed that this wasn’t just a one-time fluke, but instead a technique that the Clop gang had fine-tuned across the past few months.
The technique is an evolution of what we’ve been seen from ransomware gangs lately. For the past two years, ransomware gangs have evolved from targeting home consumers in random attacks to going after large corporations in very targeted intrusions. These groups breach corporate networks, steal sensitive files they can get their hands on, encrypt files, and then leave ransom notes on the trashed computers. In some cases, the ransom note informs companies that they have to pay a ransom demand to receive a decryption key. In case data was stolen, some ransom notes also inform victims that if they don’t pay the ransom fee, the stolen data will be published online on so-called “leak sites.”
of this story at Slashdot.
Source:: Slashdot