EDITOR ’ S QUESTION
YUEN PIN YEAP , CEO AT NEUSHIELD
Before ransomware attacks were commonly reported in the news , the typical security related news consisted of companies being breached and customer info becoming stolen and sold on the Dark Web .
The victimized organizations might not even be aware of the data breach until they were informed by authorities or a white hat group that monitors the underground activities .
Apart from a bruised reputation and the arduous journey of going through the disclosure and cleanup processes for the affected customers , life would continue on and most companies survived the traumatic episode .
Then came along the new and deadlier data extortion , ransomware . Using ransomware to encrypt important data and paralyze computers , hackers demand a ransom before restoring the data .
Facing the ruin of their businesses and livelihoods , some victims gave in to the demands and paid to get their data back . The payoff encouraged the criminals and fueled further ransomware attacks . According to a recent Gartner Report , 27 % of malware attacks in 2020 were attributed to ransomware . But , as bad as that is , it gets worse . Now we are seeing the worrisome trend of ransomware hackers deploying multiple data extortion tactics to exert maximum pressure on their victims .
Many of the recent ransomware attacks also stole data before deploying ransomware . The ransomware gangs begin by infiltrating the C-level executives ’ computers and servers to steal confidential company data , as well as personal information that can be used to humiliate the victim . After transferring the data outside network , they encrypt the data locally to paralyze the computers and business .
If the stolen data includes protected information in regulated industries , such as medical records of a patient or social security number from a finance institute , the attack just escalated into a full data breach incident . In most cases , this type of attack will trigger a government regulation and thus require the victim to notify its users of the breach . Ironically , the chance of the criminals getting paid may be reduced as most government bodies that get involved would actively discourage the company from paying the ransom .
On the other hand , if the leaked data is of personal nature of the executives , or confidential data , the victimized company may be much more willing to comply if they deem the damage of the leaking is much bigger than the ransom .
In any case , this type of multi-pronged attack is hard for most victims to escape unscathed . However , by following security and recovery best practices , companies can minimize the risk of attack , and maximize the chances of quick recovery .
Now we are seeing the worrisome trend of ransomware hackers deploying multiple data extortion tactics to exert maximum pressure on their victims .
www . intelligentcio . com INTELLIGENTCIO NORTH AMERICA 33