Ransomware is the most critical threat faced by the cybersecurity community. Ransomware attacks have resulted in the loss of billions of dollars, along with reputation. The threat actors want huge ransoms in lieu of your data. But, what kind of data do they really want?
Diving into details
The Pain Points: Ransomware Data Disclosure Trends by Rapid7 uncovers the kind of data ransomware actors want and how they pressure victims into getting it back by paying a ransom. The analysts scrutinized 161 unique data disclosures between April 2020 and February 2022 and discerned the following trends:
- In the healthcare, pharmaceutical, and financial services financial data was the most leaked at 63%, followed by patient and customer data at 48%.
- In 81% of incidents, Conti leaked financial data whereas Cl0p released only 30% of financial information and chose to leak employee information in 70% of the cases.
- Around 82% of financial services data disclosures were related to customer information.
- In the same sector, 50% of data included internal company financial data.
- In the pharma and healthcare sectors, 71% of leaked data was related to internal financial information.
- In the pharma sector, 43% of all data disclosures included intellectual property.
Why this matters
- The high frequency of patient and customer data disclosure indicates that attackers focus on exerting greater pressure with regulatory and legal repercussions of patient data breaches.
- Furthermore, detailed patient datasets enable threat actors to conduct identity theft and other kinds of fraud.
- The high frequency of intellectual property disclosure in the pharmaceutical sector signifies that threat actors exert maximum pressure on the victims by threatening to expose such valuable information.
The bottom line
Ransomware actors are getting more sophisticated and ambitious. They choose their targets with lots of research, hoping for the maximum payout. Based on the types of data possessed, they are likely to choose targets who are lucrative, easier to infect, and suitable for short-term extortion.
Publisher
/https://cyware-ent.s3.amazonaws.com/image_bank/f78f_shutterstock_733647847.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/8d27_shutterstock_376819549.jpg)
