Cold-Calling: Another Escalation in Ransomware Extortion Tactics
Ransomware gangs have been coming up with innovative tactics to pressurize their victims, such as public humiliation on mass media, or using DDoS attacks on the targeted victim until they pay the ransom. Recently, ransomware gangs have added yet another escalation in their extortion tactic as they are now cold-calling victims on their phones to put pressure on them to pay ransom after encrypting their systems.
The cold-calling trend
Ransomware gangs have been cold-calling victims on their phones if they suspect that a hacked company might try to restore from backups and avoid paying the ransom.
- Emsisoft spokesperson has claimed that ransomware groups such as Sekhmet (now defunct), Maze (now defunct), Conti, and Ryuk have been witnessed calling victims in the past attacks.
- There is a possibility that the same outsourced call center group has been working for all the ransomware gangs, as the templates and scripts are basically identical across all the variants.
- According to experts, ransomware gangs have been following this trend since at least August-September.
An interesting cold-calling case
Recently, when Galstan & Ward Family and Cosmetic Dentistry (Galstan & Ward) identified anomalies with its computers, the firm took help from an IT vendor to wipe the server and reinstall from backup. Later, it received a call from attackers after which they discovered that they were attacked by Conti ransomware, and attackers were planning to post the data on the dark web.
In addition to targeting victims, ransomware gangs are now introducing additional escalation tactics to leverage ransom demands. The introduction of such schemes indicates the necessity of cybersecurity in the first place. Therefore, experts suggest having a backup of all sensitive data, using strong passwords, and using genuine spam protection solutions to avoid any threats of ransomware attacks.