Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security IT Technology

Some Ransomware Gangs Are Going After Top Execs To Pressure Companies Into Paying (zdnet.com) 31

A new trend is emerging among ransomware groups where they prioritize stealing data from workstations used by top executives and managers in order to obtain "juicy" information that they can later use to pressure and extort a company's top brass into approving large ransom payouts. From a report: ZDNet first learned of this new tactic last week during a phone call with a company that paid a multi-million dollar ransom to the Clop ransomware gang. Similar calls with other Clop victims and email interviews with cybersecurity firms later confirmed that this wasn't just a one-time fluke, but instead a technique that the Clop gang had fine-tuned across the past few months.

The technique is an evolution of what we've been seen from ransomware gangs lately. For the past two years, ransomware gangs have evolved from targeting home consumers in random attacks to going after large corporations in very targeted intrusions. These groups breach corporate networks, steal sensitive files they can get their hands on, encrypt files, and then leave ransom notes on the trashed computers. In some cases, the ransom note informs companies that they have to pay a ransom demand to receive a decryption key. In case data was stolen, some ransom notes also inform victims that if they don't pay the ransom fee, the stolen data will be published online on so-called "leak sites."

This discussion has been archived. No new comments can be posted.

Some Ransomware Gangs Are Going After Top Execs To Pressure Companies Into Paying

Comments Filter:
  • who to be rooting for here. I am really split about it.
  • Assume your data will eventually be compromised. Modern software just has too many holes and the payoff for hackers is too great.
    • Some OS seem more open to compromise and hacking than others.

      Only seen Linux machines taken that were running ancient php and skanky libraries. My own BSD and Linux servers never owned, been pretty good about keeping up with patching.

      • by micheas ( 231635 )

        Depends on how big of a target you have on your back.

        If you are a big target you should be really suspicious if you aren't finding compromises and cleaning them up before they do real damage.

        • My employer is massive target, but load balancers with WAF block all manner of attempts, tens of thousands per day. Only issues of actual compromise were ancient "billboard" systems not behind that. Finding compromises in patched and web app firewalled system? Doesn't seem to be common.

      • by cusco ( 717999 )

        Two weeks ago I would have been able to say that in two decades of running Windows servers that I've never had one pwnd, but then our test box got hit with Solar Winds' issues so that's out the window now.

      • > My own BSD and Linux servers never owned, been pretty good about keeping up with patching.

        Those security updates make a big difference.
        When security updates are released, such as on patch Tuesday, that announcement is read totally differently by two different groups of people:

        You read it as updates you need to install to be safe

        Thousands of script kiddies read it as "here's how to hack the systems this week".

  • So, it's an article explaining that ransomware is still active and still happening. And in case you didn't know what ransomware is yet, they did a good job of writing a quick description of what it is. In other news, spam is still a thing.. How did this get posted?
  • by Nidi62 ( 1525137 ) on Monday January 11, 2021 @03:59PM (#60928560)

    I've got a better idea.
    1.Get access to the devices of a company's CxO suite.
    2.Lock them all, leave them locked for a month or 2.
    3. Demand Payment or you will unlock their devices. Company looks at all the productiviy gains the last 2 months and pays up.
    4. Profit!!!
     

  • ... a company that paid a multi-million dollar ransom ...

    Ok. So the clob gang must have gotten some really juicy information on the CEO. Why hasn't the board of directors started asking questions, like "WTF did you do that you haven't told us about"? and "How frequently will we have to pay to cover up what you did?"

    • Who said the board has to know if the exec pays out of pocket - and by pocket, I mean something more like a Scrooge McDuck money pool.

  • You mess with the rich, who have plenty of cash to bribe* politicians with, then serious Federal resources may be devoted to hunting you down. It's in your interest to stick to targeting ordinary grunts of my financial caliber, who can't do shit.

    * Legally, thanks to GOP-sponsored Citizens United ruling.

    • by rskbrkr ( 824653 )

      You mess with the rich, who have plenty of cash to bribe* politicians with, then serious Federal resources may be devoted to hunting you down. It's in your interest to stick to targeting ordinary grunts of my financial caliber, who can't do shit.

      * Legally, thanks to GOP-sponsored Citizens United ruling.

      It's safe to assume that the vast majority of these groups are located internationally. Likely in nations with no interest in working with US authorities.

      • by Tablizer ( 95088 )

        I don't see that as a barrier, if given resources. The CIA etc. can go around them if such gov'ts don't cooperate.

      • by PPH ( 736903 )

        Likely in nations with no interest in working with US authorities.

        Dollars can buy local muscle.

      • That is when you call Blackwater or some extra national security force. They can liquidate the problem. Worse yet, since Obama's VP Biden will be controlling the drones, let them think a bad guy is anywhere. They will send a drone strike, not a payment. Even weddings were not safe under Obama. :)
    • by gtall ( 79522 )

      More deadly, they have money for good lawyers and private security investigations. Stop inventing graft with no evidence. . . .errr. . . .you don't work for the alleged president, do you?

  • Maybe now we will see some prioritization on security over new-and-stupid features! But probably not...

  • I crashed the hard drive on my PC a while back. I lost a lot of good porn. I wonder if one of these sites has a copy which I might use to recover it.

  • The higher up, the bigger the tech-ignorance.

Be sociable. Speak to the person next to you in the unemployment line tomorrow.

Working...