Ransomware Gets Doubly Dangerous

John Lister's picture

Ransomware infections used to be about forcing victims to pay to regain access to their files. Now it appears more and more scammers are treating it as an exercise in blackmail.

A new cybersecurity report says 18 known ransomware gangs have switched their focus to threatening to publish stolen data unless the victim pays up. That's led to some businesses paying the ransom even though they had access to backups in order to restore their files.

Traditionally ransomware has been about file encryptions. Scammers get access to a victim's computer or network through malware, then the infection "locks" files so they are unreadable and inaccessible. They then tell the victim to pay a fee, usually in an untraceable "cryptocurrency" such as bitcoin, to regain access.

Health Data Exposed

That meant people who paid up usually fell into two categories: individuals who hadn't backed up their data, and businesses or public authorities for whom paying a fee worked out cheaper than the lost productivity and expenses of restoring data or even rebuilding a network.

A new report from Emsisoft suggests that at the start of 2020, only one criminal group using ransomware was known to regularly threaten to publish the compromised data rather than simply make it inaccessible. (Source: emsisoft.com)

By the end of the year, at least 17 other groups had made and followed through on such threats. The number of victims includes 1,300 businesses around the world and 58 public bodies from the US alone. The published data included health information, police records and information about children. (Source: zdnet.com)

Total Number Of Cases Unknown

That only covers direct victims and not those whose data was held by other organizations and exposed. Neither does it cover the unknown number of cases where a victim paid the extortion fee and the scammers kept their promise not to publish.

The apparent trend brings a mixed picture for the average person. The good news is that it seems this type of attack makes it less efficient to target individuals. The bad news is that it increases the risk of being an indirect victim if an organization that holds records about customers or citizens fails to pay a ransom and the data gets published.

What's Your Opinion?

Would you pay a fee rather than have data from your computer published online? Should a business or government organization pay the ransom and risk incentivising scammers to carry out more attacks? Or should organizations refuse to pay even if that risks customer data being exposed?

Rate this article: 
Average: 5 (5 votes)

Comments

DavidInMississippi's picture

First, any person or business that keeps information on any internet-connected computer and does NOT want that information being published, they need to encrypt that data themselves. Yes, that will make it more of a pain to get to when they need it, but consider the alternative.

Second, it would seem logical for everyone worried about this to contribute to a fund used to hire private police (mercenaries?) to hunt down these criminals and bring them to justice. The only reason they continue to do this is they continue to get away with it. Make it cost them. There will be less incentive for future criminals to do the same thing.

buzzallnight's picture

I think we should be able to sue OS and Browser makers!

How long have we been listening to this

"Win 10 is a modern operating system that is secure?"

No it is not!
I has more holes in it than Swiss cheese!!!!!!!!!!!!!!!!