A victim of ransomware will find all of their data encrypted. But to add insult to injury, the cyber crook will also collect the data and credentials and then add the threat of releasing or selling the data to the pressure of the ransom demand.
This is known as a double extortion attack. Digital criminals will plant their malware onto a network and allow it time to pilfer all the data it can before encrypting the user’s files, crippling the devices and network and then demanding payment.
It is reported that 14 percent of institutions indicate that the time between compromise and detection is anywhere from one to six months. These stealthy marauders can do a lot of damage in that amount of time.
Some tactics used by the bad actors are stolen credentials, malicious links or attachments. Once the thief gets in, they get to work.
Now to make matters even worse, and raise the ante a bit more, the hackers are threatening to go after the victim’s customers and partners, demanding payments from them as well. This is becoming known as triple extortion.
Some ransomware villains are also launching denial of service attacks as a method to get their prey to pay up.
More organizations are beginning to look into advanced end-point detection and response (EDR). No longer suitable for just the big companies, EDR is becoming a justifiable security defense for everyone. An EDR can monitor your network for cyber threats and suspicious activity and respond to stop the attacks. EDR can help reduce the amount of time the threat dwells within your system.
FBI Warns Conti Ransomware Hit 16 US Health and Emergency Services