Ransomware Extortion Strategy Deepens as New Trends Emerge
Ransomware gangs are steadily picking up on their extortion techniques. As a result, this has left organizations worldwide with no option other than to pay the demanded ransom.
Where it all started
- It all started with the Maze ransomware gang who terrorized its victims with the ‘naming and shaming’ strategy. As a part of the strategy, the attackers threatened to reveal the company’s name, as well as its confidential data, if the ransom demand was not met.
- Eventually, the tactic was followed by other ransomware operators to ensnare more victims.
- However, it didn’t stop there and ransomware gangs formed a cartel to make the extortion strategy more resilient and robust against organizations.
- To further maximize the profit, the gangs moved quickly to the double-extortion strategy, with more than 550 incidents in the fourth quarter of 2020 alone.
What are the emerging trends?
From the beginning of 2021, security experts are witnessing several new shifts in ransomware extortion tactics.
- One of the emerging trends includes several ransomware gangs extorting companies by targeting the classified and confidential data of top executives and managers.
- ZDNet first learned of this new tactic when a company paid a multi-million dollar ransom to the Clop ransomware group.
- Moreover, many ransomware gangs are attempting to instill a fear of DDoS attacks on targeted companies as an effective means of pressurizing the victim to quickly pay the ransom. This kind of secondary attack has been seen from Avaddon, SunCrypt, and RagnarLocker operators.
Ransomware operators are experimenting with new ways to pressurize victims. They are now going tough on victims who are unwilling or unable to pay the ransom and this is alarming. The good news is that organizations have become cautious about false promises made by attackers of deleting the stolen data. As a result, the average ransom payment has declined by 34% in the fourth quarter of 2020.
However, ransomware attackers remain undeterred and continue to evolve their attack tactics to achieve their motives. Many organizations remain vulnerable to such attacks and are staring at an unfortunate scenario of making the difficult decision of whether to pay the ransom or not.