Join our subscribers
BlackByte is Back and Acting a Lot Like LockBit
Thursday, August 25, 2022
“Ransomware extortion campaigns have become increasingly more creative and damaging. I wouldn’t be surprised if later this year cybercriminals start offering credit services to victims, so the latter can pay ransom in installments; somewhat usurping the role of banks in cyberspace,” said Ilia Kolochenko, founder of ImmuniWeb and a member of the Europol Data Protection Experts Network.
Kolochenko questioned the conventional wisdom that advises victims not to pay up. “Despite the fact that many law enforcement agencies are publicly recommending not to pay the ransom, under a narrow set of circumstances it can be the least costly way to minimize the damage of a data breach—subject to rigorous analysis and considerations,” he said.
But victims shouldn’t just pay willy-nilly. “First, an external law firm should carefully assess the legality of payment, for instance, so as not to violate U.S. sanctions when paying in cryptocurrencies as expressly warned by the OFAC,” said Kolochenko. “Second, victims should always bear in mind that payment cannot and does not guarantee that the data will be securely deleted or returned: Copies or backups may have already been shared with third parties unbeknownst to the victim.”
Finally, he noted, “Aftershock attacks are a relatively new phenomenon to consider: Once a wealthy victim pays a ransom, other smaller threat actors immediately try to break in while the vulnerabilities are not yet patched; they’re motivated by the victim’s willingness to pay. In sum, payment of a ransom is a slippery slope that requires meticulous scrutiny both by legal and technical professionals.” Read Full Article
Help Net Security: ImmuniWeb joins Cybersecurity Tech Accord to improve cyber resilience for customers
Threatpost: U.K. Water Supplier Hit with Clop Ransomware Attack
