Comment: New Group Can Breach Organisation, Steal Sensitive Data Without Ransomware

BACKGROUND:

It has been reported that in less time than it takes to get a stuffed crust pizza delivered, a new group called SnapMC can breach an organization’s systems, steal their sensitive data, and demand payment to keep it from being published, according to a new report from NCC Group’s threat intelligence team — no ransomware required. Rather than disrupting business operations by locking down a target’s data and systems, SnapMC just focuses on straight-up extortion. However, this low-tech, ransomware-free approach to extortion on a compressed timeline relies on known vulnerabilities with patches readily available.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Andy Norton
Andy Norton , European Cyber Risk Officer
InfoSec Expert
October 14, 2021 11:42 am

<p>Data exfiltration as part of an intrusion is a double edged sword for malicious actors. The motivation in paying the ransom, in most cases, is to restore services rather than to recover lost data. How naive do you have to be to think that if a ransom is paid, that data will be perfectly perfectly safe in the hands of a criminal? Regardless of whether an organisation pays the ransom or not, they will still have to notify regulatory bodies with 72 hours if they are bound to GDPR or NIS regulations. They will still have to take the same recovery and response measures whether they pay or not. In fact, the only thing that would  tarnish their reputation more would be to pay the ransom in the hopes they can cover up a breach.</p>
<p>Snap, they made headlines. Crackle, no ones going to pay. Pop, they’ll move on.</p>

Last edited 11 months ago by Andy Norton
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x