Comment: New Group Can Breach Organisation, Steal Sensitive Data Without Ransomware

By   ISBuzz Team
Writer , Information Security Buzz | Oct 14, 2021 03:41 am PST


It has been reported that in less time than it takes to get a stuffed crust pizza delivered, a new group called SnapMC can breach an organization’s systems, steal their sensitive data, and demand payment to keep it from being published, according to a new report from NCC Group’s threat intelligence team — no ransomware required. Rather than disrupting business operations by locking down a target’s data and systems, SnapMC just focuses on straight-up extortion. However, this low-tech, ransomware-free approach to extortion on a compressed timeline relies on known vulnerabilities with patches readily available.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Andy Norton
Andy Norton , European Cyber Risk Officer
October 14, 2021 11:42 am

<p>Data exfiltration as part of an intrusion is a double edged sword for malicious actors. The motivation in paying the ransom, in most cases, is to restore services rather than to recover lost data. How naive do you have to be to think that if a ransom is paid, that data will be perfectly perfectly safe in the hands of a criminal? Regardless of whether an organisation pays the ransom or not, they will still have to notify regulatory bodies with 72 hours if they are bound to GDPR or NIS regulations. They will still have to take the same recovery and response measures whether they pay or not. In fact, the only thing that would  tarnish their reputation more would be to pay the ransom in the hopes they can cover up a breach.</p>
<p>Snap, they made headlines. Crackle, no ones going to pay. Pop, they’ll move on.</p>

Last edited 2 years ago by Andy Norton

Recent Posts

Would love your thoughts, please comment.x