Victims of ransomware attacks are increasingly facing secondary extortion schemes, where attackers threaten to publish or sell data stolen from the victims’ systems, this led us to sit down with Rick McElroy, Cybersecurity Strategist, VMware Carbon Black to discuss what has led to this escalation.
<p>For opportunistic cybercriminals, secondary extortion is the name of the game. The nature of ransomware attacks has quickly evolved and organisations experiencing the damage and impact first hand. In secondary extortion attacks, criminals quietly steal sensitive information from a victim, incrementally gathering leverage. They then use the stolen data to force organisations to not only pay to decrypt their content, but also prevent potentially harmful data from being sold or otherwise publicly disclosed.</p> <p> </p> <p>The ransomware group was able to steal the full source code for not only Cyberpunk 2077, but also the organisation’s other wildly popular game, The Witcher 3 and related content. This is data that not only compromises everything the company has worked on for over a decade, but also drew significant concern around what they planned to do with the stolen data. In these situations, even if the company pays the ransom, and pays them to not publicly share the source code, there really is nothing stopping the attackers from selling the source code directly, especially considering the significant dollar value this could bring in. Secondary extortion is an opportunity for cybercriminals to cash in and profit from attacks in multiple ways.</p>
<p>For opportunistic cybercriminals, secondary extortion is the name of the game. The nature of ransomware attacks has quickly evolved and organisations experiencing the damage and impact first hand. In secondary extortion attacks, criminals quietly steal sensitive information from a victim, incrementally gathering leverage. They then use the stolen data to force organisations to not only pay to decrypt their content, but also prevent potentially harmful data from being sold or otherwise publicly disclosed.</p> <p> </p> <p>The ransomware group was able to steal the full source code for not only Cyberpunk 2077, but also the organisation’s other wildly popular game, The Witcher 3 and related content. This is data that not only compromises everything the company has worked on for over a decade, but also drew significant concern around what they planned to do with the stolen data. In these situations, even if the company pays the ransom, and pays them to not publicly share the source code, there really is nothing stopping the attackers from selling the source code directly, especially considering the significant dollar value this could bring in. Secondary extortion is an opportunity for cybercriminals to cash in and profit from attacks in multiple ways.</p>