A new report from Palo Alto Networks found that ransomware and extortion actors are utilising more aggressive tactics to pressure organisations, with harassment being involved 20 times more often than in 2021, according to Unit 42 incident response cases.
This harassment is typically carried out via phone calls and emails targeting a specific individual, often in the C-suite, or even customers, to pressure them into paying a ransom demand, the research finds.
The 2023 Unit 42 Ransomware and Extortion Report shares insights compiled based on findings from Unit 42’s incident response work from approximately 1,000 cases throughout the past 18 months.
Ransomware demands continued to be a pain point for organisations this past year, with payments as high as US$7 million in cases that Unit 42 observed. The median demand was US$650,000, while the median payment was US$350,000 indicating that effective negotiation can drive down actual payments.
Key trends from the report include:
Attackers add pressure with multi extortion: Ransomware groups have been observed layering extortion techniques for greater impact, with the goal of applying more pressure on organisations to pay the ransom. Some of these tactics include encryption, data theft, distributed denial of service (DDoS) and harassment. Data theft, which is often associated with dark web leak sites, was the most common of the extortion tactics, with 70% of groups using it by late 2022 a 30 percentage point increase from the year prior.
Leak sites drip with data: Every day, Unit 42 researchers see an average of seven new ransomware victims posted on leak sites equating to one new victim every four hours. In fact, in 53% of Unit 42’s ransomware incidents involving negotiation, ransomware groups have threatened to leak data stolen from organisations on their leak site websites. This activity has been seen from a mix of new ..
Support the originator by clicking the read the rest link below.
