A new “double extortion” ransomeware tactic has been discovered by Check Point, in which threat actors add an additional stage to a ransomware attack.
Blackmail by unknown cyber criminals is an acute threat to companies of all sizes. But hackers don’t stop at administrations and government bodies either. Only a comprehensive approach to security offers reliable protection against the ubiquitous threat of ransomware. Check Point Software has discovered a new approach by cyber criminals. They pull a second level into their ransomware attacks and make the ransom demand a double extortion.
Until now, it has been customary to infiltrate the systems of a company with ransomware and to encrypt all important files and servers in order to bring operations to a standstill. Money was requested to release the systems. Those who did not pay were not given the encryption key.
The offer of complete ransomware solutions enables more and more criminals, who themselves do not have in depth IT skills to use the ransomware. Those who start looking for such offers do not have to go online .The remuneration for the service is often based on the principle that the ransom extortioned goes to the malware seller.
A Second Level Has Been Seized
The attackers steal some sensitive data before encryption and threaten to publish it in the course of the ransom demand. Sometimes even a little warning shot follows. Small parts are already revealed.
Cyber Attack On Companies
In the course of the investigation, the researchers at the security provider have gained numerous insights into the actions of cyber criminals. The hackers initially attacked public web servers with automatic and manual vulnerability detection. As soon as the attackers had a server under control, it was used to spy on further victims. The Check Point team claims to have found clues for manual online hacking as well as for an automated infection mechanism.