Sophos has released a report that highlights how cybercriminals are weaponizing stolen data to increase pressure on targets who refuse to pay. This includes sharing the contact details or ‘doxing’ the family members of targeted CEOs and business owners, as well as threatening to report any information about illegal business activities uncovered in stolen data to the authorities.
► Criminals threaten to make personal data of execs public if their employers don’t pay the ransom
► Use of extortion tactics could become more commonplace
In the report, Turning the Screws: The Pressure Tactics of Ransomware Gangs, the firm shares posts found on the dark web that show how ransomware gangs refer to their targets as ‘irresponsible and negligent’ and in some cases, encourage individual victims whose personal information was stolen to pursue litigation against their employer.
Gangs are also singling out the business leaders they deem ‘responsible’ for the ransomware attack at the companies they target. In one post, attackers encouraged employees to seek ‘compensation’ from their company, and, in others they threatened to notify customers, partners and competitors about data breaches.
Sophos X-Ops also found multiple posts by ransomware attackers detailing their plans to search for information within stolen data that could be used as leverage if companies don’t pay. This could be commercial information or details of what employees have been searching for online, including illegal material or images.
According to Sophos, these posts align with a broader trend of criminals seeking to extort companies using sensitive data relating to employees, clients or other third parties. The firm said that ransomware gangs are becoming increasingly invasive and bold, not just stealing data and threatening to leak it, but actively looking for ways to maximise damage and create opportunities for extortion.
You can read the full report on Sophos.com. For more information on Sophos security solutions, click on the link below to get in touch with our security practice team.
