BACKGROUND:
The ransomware group BlackMatter has developed a custom data exfiltration tool, dubbed Exmatter, that allows operators to easily target data of value, suggesting that they are looking to make their attacks faster.
Experts Comments
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.
Be part of our growing Information Security Expert Community (1000+), please register here.
It’s not surprising that they are focusing specifically on extracting data, given these are ultimately the crown jewels of any organization from customer data to trade secrets and employee information. Any data that can be used for extortion is fair game and so it makes sense to focus on this from the attacker’s perspective. The approach is not really new though – most ransomware uses some form of exfiltration already, they just use different approaches to do this. This particular example
.....Read MoreIt’s not surprising that they are focusing specifically on extracting data, given these are ultimately the crown jewels of any organization from customer data to trade secrets and employee information. Any data that can be used for extortion is fair game and so it makes sense to focus on this from the attacker’s perspective. The approach is not really new though – most ransomware uses some form of exfiltration already, they just use different approaches to do this. This particular example is exfiltrating the data before putting up a paywall, which is a different sequence than we typically see. I am not sure I would say it is more dangerous than any others though, just a slightly different approach.
The lack of repercussions and danger associated with ransomware continues to attract new entrants on a daily basis. There are virtually no barriers to entry and it is very easy to work with many of these gangs and utilize their technologies, so the attacks will only continue to grow.
Read LessLinkedin Message
@Dr. Darren Williams, Founder and CEO, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/ransomware-expert-offer-insights-on-blackmatter-data-exfiltration-tool
Facebook Message
@Dr. Darren Williams, Founder and CEO, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/ransomware-expert-offer-insights-on-blackmatter-data-exfiltration-tool