Ransomware attacks have seen a whopping rise since the COVID-19 pandemic punched the world. They have, now, become a massive cause of concern because of their constantly evolving tactics. You know of double and triple extortion; however, this time we are going to talk about multi-layered extortion threats.
What is it?
Ransomware operators are resorting to different extortion tactics to intensify the stress on victims for greater ransom payouts. There are four new extortion tactics observed by the Hong Kong CERT Coordination Centre.
What are they?
DDoS extortion - also known as Ransom DDoS (RDDoS) attacks, cybercriminals use this to paralyze networks. Recently the Fancy Lazarus group threatened the victims with RDDoS attacks in case of non-payment of ransom.
Calls to business partners and media - apart from DDoS attacks, ransomware gangs are threatening to make calls to business partners and media for increased reputational damage, among others. This trend was started by the REvil ransomware gang.
Short-selling stocks - DarkSide ransomware operators hatched this new extortion tactic in which they started short-selling the stocks of victims listed in the stock market.
Disruption of critical infrastructure - we are aware of the Colonial Pipeline incident that disrupted operations. Apart from targeting IT systems, attackers also have an eye for Operational Technology (OT). Taking down systems responsible for a firm’s business operations leads to huge financial and reputational losses.
What to do?
Organizations are willing to pay considerable sums of ransom to avoid the potential damages caused due to a ransomware attack. However, proactive defense is the long-term sustainable way to stay ahead of such threats. Confronting the root cause of ransomware attacks by leveraging threat intelligence and applying proper defenses is the way to go forward.