Some ransomware gangs are going after top execs to pressure companies into paying
Catalin Cimpanu reports:
A new trend is emerging among ransomware groups where they prioritize stealing data from workstations used by top executives and managers in order to obtain “juicy” information that they can later use to pressure and extort a company’s top brass into approving large ransom payouts.
ZDNet first learned of this new tactic earlier this week during a phone call with a company that paid a multi-million dollar ransom to the Clop ransomware gang.
Similar calls with other Clop victims and email interviews with cybersecurity firms later confirmed that this wasn’t just a one-time fluke, but instead a technique that the Clop gang had fine-tuned across the past few months.
Read more on ZDNet. The technique doesn’t seem to have widespread adoption yet outside of Clop although one Clop affiliate associated with others may also use it.
As always, everything old is new again. The technique of hackers trying to extort or pressure top executives in an organization to pay ransom demands is not new. We saw it on a regular basis with thedarkoverlord in 2016 and 2017, when they would publicly taunt executives of their victims, mentioning highly personal details to show them that they had acquired their personal files, emails, and other potentially embarrassing material. Whether that approach ever actually worked for them is unknown to DataBreaches.net, but we certainly saw examples of their attempts to use that technique.