Lately, the BlackCat ransomware gang has been making big news. The latest one comes in the form of an increased ransom demand request by the group.
Diving into details
The gang has launched several high-profile attacks, including OilTanking GmbH in January and Swissport in February. Most recently, BlackCat targeted Florida International University and the University of North Carolina A&T.
Now, the threat actor’s ransom demands start with $2.5 million, with a possible discount.
The average time provided is between five and seven days, for the victim to purchase cryptocurrency.
Why this matters
The increase in ransom demands impacts the ransomware ecosystem, targeting organizations of all sizes across the globe. As the stakes get high, the trajectory of ransom demands will only grow further. Ransomware has become the world’s biggest ‘shadow economy’, spawning expense damages greater than natural disasters. Furthermore, BlackCat is the one of the fastest growing RaaS that practices quadruple extortion - using encryption, data theft, DDoS attacks, and harassment.
BlackCat ransomware group has launched a searchable database where anyone can find victims and specific details.
The website is hosted on the public internet and the information is indexed by search engines.
Following the footsteps of BlackCat, even LockBit and Karakurt have added a search function to their data leak sites, enabling victims to be searched by their names.
This is another step toward a multi-tiered extortion scheme as it puts immense pressure on the victims to pay the ransom and have their data deleted.
The bottom line
BlackCat or ALPHV is evolving rapidly and is leaving no stones unturned to extract its ransom. Resecurity has shared several mitigation measures that can be followed by organizations to stay safe from this growing threat. The increase in ransom demands is a trend that is expected to continue well into the future and hence, applying proactive cybersecurity strategies is the only way to keep yourself from becoming a victim.