It has been reported that a new trend is emerging among ransomware groups where they prioritize stealing data from workstations used by top executives and managers in order to find information that can be used to blackmail the executives to pressure the company to pay the ransomware.
<p>Cybercriminals are more sophisticated than ever, and while the primary purpose of ransomware groups is to make money, there is always a high risk of collateral damage, since attacks stop systems from working. Ransomware groups design their cyberattacks to cause enough disruption and financial distress to not just disrupt file access, but also to reach critical business operations, where harm will be immediately and acutely felt, to justify their plea for quick and high payment. This new tactic of going after the machines of top executives shows the evolution of how ransomware has moved from just volume-based targeting of individuals to enterprises, and now within the enterprise to model the targeting of C-level executives similar to the Business Email Compromise type of an attack. This tactic is preying on the fear of exposure but may not always result in getting paid.</p>