The dangers of quadruple blow ransomware attacks | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

For the first time, a ransomware gang has reported one of its victims to the authorities. This has never happened before and shows the continuing evolution of their business models to maintain pressure on the victim organisations. With this new mechanism, criminal actors are using the threat of potential regulatory fines as an additional incentive for those who fall victim to their attacks to pay the ransom.

The ransomware group AlphV says it has filed a complaint with the American Securities and Exchange Commission (SEC) because its victim, MeridianLink, did not report their successful attack that resulted in data loss. The pressure on companies is growing to structure their measures in the event of successful attacks. This is effectively a quadruple blow against the victims: the data is encrypted, then exfiltrated and published. The people affected end up being harassed and the company ends up being reported to the regulatory authority.

James Blake

Field CISO of EMEA at Cohesity.

Why are ransomware groups choosing this new method?


Click Here For The Original Source.

National Cyber Security