New coercive tactics used to extort ransomware payments
April 26, 2023 – Published on HelpNetSecurity
The increase in reported ransomware victims across Q1 2023 reflects the continued prevalence of ransomware as a worldwide, industry agnostic threat, according to GuidePoint Security.
The report is based on data obtained from publicly available resources, including threat groups themselves, and insight into the ransomware threat landscape. In the first quarter, GRIT tracked 849 total publicly posted ransomware victims claimed by 29 different threat groups.
GRIT’s latest report shows a 27% increase in public ransomware victims compared to Q1 2022, and a 25% increase from Q4 2022. Manufacturing, technology, education, banking and finance, and healthcare organizations continue to represent the majority of publicly posted ransomware victims.
GRIT’s analysis shows an increase in the use of novel coercive tactics by numerous prolific ransomware groups that follow the “double extortion” model of operations, where the ransomware operators not only encrypt files on corrupted networks and hosts, but also exfiltrate data.
The ransomware groups then leverage the threat of leaking data to the public to coerce compliance with ransom demands. Specifically, threat groups including AlphV and Medusa have been observed releasing targeted sensitive data, including graphic images related to medical treatment, in an effort to place more pressure on victims to consider payment.
Read More HERE.