If you don’t pay up, ransomware gangs will publicly expose your data.
This new tactic can make an already terrible predicament for victims even worse, according to KrebsOnSecurity, a website that covers computer security.
“As if the scourge of ransomware wasn’t bad enough already,” Krebs wrote, citing the example of the high-profile criminal gang behind the Maze Ransomware. That group has created a public website identifying companies that don’t pay up.
That tactic is different from garden variety ransomware, which locks up the data but hasn’t typically gone much beyond that. That is until last month, when the operators behind Maze publicly released the data for security company Allied Universal, Lawrence Abrams told Fox News.
Abrams, who runs computer security news site BleepingComputer, added that “with this escalated threat from attackers, victims will now need to consider ransomware attacks like data breaches. This brings the extra costs of notifying the government and customers and the potential risk of lawsuits.”
It’s not just Maze, Abrams said — other criminal enterprises are adopting the strategy too.
These hackers typically infiltrate and move laterally throughout the network before deploying ransomware, Tim Otis of Check Point Software, an IT security company, told Fox News. That's how they steal the data.
Then they threaten exposure. “It should not be a surprise that these threat actors are turning to extortion demands around data while continuing their ransom demands,” Otis said.
Otis points out that the U.S. Department of Health and Human Services has been stating since 2016 that protected data that was encrypted by ransomware should be treated the same as if the data was breached.
Some companies are taking a stand, though, and have decided not to cave to ransomware demands but rebuild their networks from scratch. It is these companies are driving frustrated cybercriminals to threaten to expose their data publicly.