Skip to content

As Ransomware Gangs Shift To Data Extortion, Some Adopt A New Tactic: ‘Customer Service’

Posted by: GuidePoint Security

< 1 min read

August 14, 2023 – Published on CRN

While traditional ransomware attacks have been all about maximizing disruption for victims, a growing wave of extortion attacks that don’t deploy encryption are seeking the opposite — as part of an effort to rebrand themselves almost as security advisors, cyberthreat experts told CRN.

At GuidePoint Security, No. 52 on CRN’s Solution Provider 500, the incident response team has encountered multiple cases where attackers have told their victims, “‘we did you the favor of not encrypting your environment,’” said Mark Lance, vice president for DFIR and threat intelligence at GuidePoint.

Such attackers will then provide a list of recommendations about how to better secure a breached victim’s environment, Lance said.

“For some groups, we’ve seen that they’ll send what they call a ‘security audit report,’” he said — a multi-page document providing details about how attackers gained initial access to an environment, accessed accounts and elevated user privileges.

Read More HERE.

Categories: Incident Response & Threat Intelligence News
Tags:GRITransomware

GuidePoint Security

GRIT Ransomware Report-2023-Q2
Q2 of 2023 continued a trend of increasing numbers of ransomware victims, brought a record increase in the number of first-seen ransomware groups, and brought new vulnerabilities that lead to large-scale attacks. Victim volume reached the highest volume observed since GRIT began tracking and reporting on ransomware statistics in 2022.
Download Now

Related Articles

View All

  • Incident Response & Threat Intelligence
GRIT Ransomware Report-2023-Q2
Read More < 1 min read
  • Incident Response & Threat Intelligence
Sitting With a Ransomware Negotiator
Read More < 1 min read
  • Incident Response & Threat Intelligence
EP 72: TALES FROM A RANSOMWARE NEGOTIATOR
Read More < 1 min read