In a recent examination of the dark web titled “Turning the Screws: The Pressure Tactics of Ransomware Gangs,” it is shown how hackers are utilizing data that has been taken as a weapon to threaten individuals who refuse to pay.
“Turning the Screws: The Pressure Tactics of Ransomware Gangs,” a new dark web analysis, describes how hackers are using stolen data as a weapon to put further pressure on targets who won’t pay. In addition to threatening to reveal any information about illicit business operations found in stolen data to the authorities, this also entails releasing the contact information of targeted CEOs and business owners or doxing their family members.
According to Sophos X-Ops’ analysis, ransomware gangs refer to their victims as “irresponsible and negligent,” and in certain instances, they even urge the victims to sue their employers for the theft of their personal data. These posts were discovered on the dark web.
Following the MGM casino hack in December 2023, Sophos started seeing how ransomware groups often utilize the media as a tactic to not only put further pressure on their victims but also to take charge of the story and assign blame. Gangs are also identifying and smearing the executives of the firms they attack as “responsible” for the ransomware campaign. The attackers posted a picture of a business owner with devil horns and their social security number in one of the posts we were able to locate. The attackers threatened to alert clients, partners, and rival businesses about data breaches in other posts, and in still others, they exhorted staff members to demand “compensation” from their employer.
According to Christopher Budd, head of threat research at Sophos, “these efforts create a lightning rod for blame, increasing the pressure on businesses to pay up and potentially exacerbating the reputational damage from an attack.” Multiple posts by ransomware attackers describing their intentions to look for information within stolen data that may be used as leverage if organizations don’t pay were also discovered by Sophos X-Ops. For example, the WereWolves ransomware actor states in one article that any data that is stolen will be evaluated for “criminal legal implications, business implications, and competitive intelligence.”
Another instance was reported by the ransomware group Monti, which claimed to have discovered an employee at a targeted company looking through files for evidence of child sexual abuse. If the company didn’t pay the ransom, the group threatened to report the employee to the authorities. These posts are consistent with a larger pattern of criminals extorting businesses for more and more private information about their workers, clients, or patients. Examples of such material include children’s medical records, mental health records, “information about patients’ sexual problems,” and “images of nude patients.” In one instance, the personal information of a CEO’s daughter was leaked by the Qiulong ransomware organization, along with a link to her Instagram page.
These posts are consistent with a larger pattern of criminals extorting businesses for more and more private information about their workers, clients, or patients. Examples of such material include children’s medical records, mental health records, “information about patients’ sexual problems,” and “images of nude patients.” In one instance, the personal information of a CEO’s daughter was leaked by the Qiulong ransomware organization, along with a link to her Instagram page. The use of ransomware by cybergangs is becoming more brazen and intrusive in terms of what they can weaponize.
The use of ransomware by cybergangs is becoming more brazen and intrusive in terms of what they can weaponize. In addition to stealing data and threatening to disclose it, they are actively studying it to find methods to maximize harm and open up new extortion opportunities, which puts further pressure on businesses. This implies that businesses need to be concerned about employee criminal behavior, trade secret theft, and corporate espionage in addition to these problems when it comes to cyberattacks, according to Budd.
Also read: Achieving Rapid Outcomes with AI-Driven Cloud Analytics
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.
CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.
