Comments On New Zepplin Ransomware Steals Data Before Encrypting It

The Zeppelin ransomware gang has joined the ranks of ransomware strains (Maze, REvil (Sodinokibi), Snatch, and the now-defunct Merry Christmas) that collect and steal a victim’s data before encrypting files.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Ilia Kolochenko
Ilia Kolochenko , Founder and CEO
InfoSec Expert
January 2, 2020 3:00 pm

Attackers have been stealing data prior to launching ransomware attacks for many years already, but this trend has become even more well-organized, systematic and persistent.

Malware with built-in mechanisms to steal and then encrypt data will likely mushroom in the near future. There are two vectors to every exploit of attack. The first is to get ransom money and the second is to get money by selling data. This particular form of malware will ensure that at least one vector will be profitable to cybercriminals.

The problem for organizations is that now, in accordance with most of the data protection and privacy laws, they will likely be required to indemnify customers who have fallen victim and whose data was affected in a ransomware attack.

Previously, most organizations merely announced ransomware incidents as minor concerns, solely affecting data availability but not confidentiality or integrity. Today, given the multifaceted approach taken by the attackers, downplaying the importance of a ransomware incident is unlikely to succeed, triggering a protracted chain of investigations and legal ramifications.

Keeping an up2date, comprehensive and holistic inventory of your digital assets, enhanced with continuous security monitoring and Dark Web surveillance, is a key to avoid falling victim to ransomware, most of which exploit known vulnerabilities in abandoned, legacy or shadow systems which then cause a domino effect.

Last edited 2 years ago by Ilia Kolochenko
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x