EP. 34: Triple Threat: Ransomware Criminals Add Data Theft, Manipulation to Encryption Tactics
March 30, 2022 – Published on Insurance Journal
Ransomware criminals are adding even more tools to their toolboxes, and companies are finding it harder to stay on top of the trends, according to guests on the most recent episode of The Insuring Cyber Podcast.
Drew Schmitt, principal threat intelligence consultant at GuidePoint Security, said earlier in the episode that this is raising the stakes significantly for companies who become victims of attacks in terms of how to respond and the amount of damage that can be inflicted.
“It really does raise the stakes on the potential damage to the organization,” he said. “With traditional ransomware, where we’re talking about encrypting files and taking systems offline, obviously that is a major technology problem. But when we’re talking about data theft and extortion, we’re talking about a data leak at that point. Data’s left the environment, and then you have regulatory challenges.”
Beyond regulation, the reputational damage can be significant for a victim as well, he added.
“I think the challenge really is in the potential for damage to move from just being a technological problem to a much higher or much more impactful type of damage when we’re talking about brand and reputation,” he said.
As if that isn’t enough for companies and their insurers to worry about, another ransomware trend that is beginning to pop up is data manipulation, according to Dennis. This happens when criminals, rather than encrypting or stealing data, change the data within a company’s system so that it is no longer usable or accurate.
“It doesn’t take a whole lot of creativity to think about some potential examples which could have very severe negative outcomes,” Dennis said. “For instance, what if a hacker breaks into an electrical power company and manipulates data which causes the power operators to react in such a way that they increase the electrical load, overload the system and cause widespread electrical power outages? That would be bad.”
Despite increasingly sophisticated attack methods, Schmitt said developing a proper cybersecurity plan is all about going back to the fundamentals.
Read More HERE.