3 New Tactics Hackers Use to Get Ransomware Payment

Hackers are engineering new tactics to ensure they get bigger ransom payments from their victims. Here are a few to keep on your radar.

  • June 28, 2023 | Author: Allison Bergamo
Learn More about this topic

Article Key

Just like in the movie “Jerry Maguire,” hackers are putting more pressure on their victims to show them the money. And their victims are obliging. According to Fortinet’s 2023 Global Ransomware Report, while almost 72 percent of security leaders surveyed detected a ransomware incident within hours and sometimes minutes, almost three-quarters of respondents make some ransom payment. But hackers are greedy. They are engineering new tactics to ensure they get bigger ransom payments from their victims. Here are a few tactics to keep on your radar.

1. The double extortion tactic

In this case, the ransomware group delivers a one-two punch to its victims. In addition to encrypting the files on their victim’s systems, the hackers also download sensitive information from the victim’s machines. This gives them more leverage as the victim needs them to decrypt their locked data and hope they don’t leak it.

2. The triple extortion tactic

In this tactic, the bad actors not only encrypt files and extract sensitive data they also throw in distributed denial-of-service (DDoS) attacks for good measure. Unless the ransom is paid not only will the victim’s files remain locked, but their regular services will also be disrupted due to DDoS.

3. Contacting stakeholders of the victim organizations

Nothing instills confidence in your clients’ customers more than getting a phone call from a ransomware group informing them that they have their data. In one case, ransomware groups such as CI0p personally emailed their victims’ customers to let them know that their data was captured. CI0p also maintained a website where a list of its victims and stakeholders was regularly updated. This “publicity” puts more pressure on the victim firm to pay the ransom amount. 

3 Things Your Clients Should Do to Protect Themselves Against Ransomware

As part of a complete ransomware prevention strategy, have your clients take the following actions to protect their data.

1.     Locate and identify critical data that’s at risk. Have your clients scan for everything attackers are after including personal data, financial data and passwords (that includes passwords found on sticky notes under their employees’ keyboards).

2.     Set up multifactor authentication (MFA) for your clients. This should have been done yesterday. Enabling MFA significantly reduces your client’s chances of getting hacked.

3.     Monitor how every user and account use critical data and watch for any unusual activity that could indicate a possible cyberattack. While you’re at it, encourage your clients to adopt Zero-Trust Network Access (ZTNA), giving employees and partners least-privilege access to their networks. 

 

 

Related Content