Stay informed with our daily and weekly newsletters to receive the latest updates and exclusive content on AI coverage. Learn More
Ransomware actors have taken their tactics to new and disturbing levels, as revealed by recent research from Sophos X-Ops. Christopher Budd, director of threat intelligence at the Threat Response Joint Task Force, described some of these actions as “chilling.”
One particularly alarming example involves a ransomware group exposing a CEO’s daughter by doxing her, sharing screenshots of her identity documents and providing a link to her Instagram profile. This kind of personal attack is reminiscent of tactics used by organized crime.
Furthermore, these threat actors are now comfortable leaking highly sensitive data such as medical records, blood test results, and even intimate images. They are also resorting to making hoax phone calls and engaging in swatting incidents, leading to tragic outcomes.
Instead of just encrypting data or launching denial-of-service attacks, ransomware groups are now actively scouring stolen data for evidence of illegal activities, regulatory violations, or financial discrepancies. Some even claim to conduct criminal and commercial assessments on stolen data to leverage it for extortion.
In a disturbing case, a group threatened to expose an employee at a compromised organization for searching for child sexual abuse material unless a ransom was paid. Additionally, these attackers are targeting organizations that refuse to pay by reporting them to authorities or regulatory bodies.
Portraying themselves as sympathizers
To add further pressure, cybercriminals are portraying themselves as grassroots activists and encouraging victims to participate in legal actions against their own organizations. They criticize targets as unethical or negligent while positioning themselves as ethical “pentesters” conducting cybersecurity audits.
Moreover, ransomware gangs are not shying away from media attention and actively seek coverage to enhance their leverage. This shift in tactics shows a new level of aggressiveness and innovation in the cybercriminal landscape.
Enterprises: Be very vigilant
These escalating tactics are driven by a desire for significant payouts, emphasizing the importance of remaining vigilant for enterprises. It is crucial to maintain updated systems, robust security measures, regular backups, and disaster recovery plans to mitigate ransomware threats.
Organizations need to address the cybersecurity element of risks such as corporate espionage and employee misconduct, which can now be exploited by ransomware actors. By implementing best practices and proactive security measures, enterprises can protect themselves against evolving ransomware threats.