Cybersecurity

Sophos details how ransomware attackers pressure victims to pay

Cybersecurity solutions firm Sophos published an article “The Top 10 Ways Ransomware Operators Ramp Up the Pressure to Pay,” detailing how ransomware attackers are implementing a wide range of ruthless pressure tactics to persuade victims to pay the ransom.

The article is based on evidence and insight from Sophos’ Rapid Response team of 24/7 incident responders who help organizations under active cyberattack. It highlights the shift in ransomware pressure techniques from solely encrypting data to including other pain points, such as harassing employees.

“Since organizations have become better at backing up their data and restoring encrypted files from backups, attackers are supplementing their ransom demands with additional extortion measures that increase the pressure to pay,” said Peter Mackenzie, director, Incident Response at Sophos.

Keep ransomware at bay with Sophos Managed Threat Response
Retail sector a top target for ransomware in 2020 — Sophos

  • Below are the top 10 ways attackers are increasing pressure on their ransomware victims to get them to pay the ransom:
  • Stealing data and threatening to publish or auction it online
  • Emailing and calling employees, including senior executives, threatening to reveal their personal information
  • Notifying or threatening to notify business partners, customers, the media, and more of the data breach and exfiltration
  • Silencing victims by warning them not to contact the authorities
  • Recruiting insiders to help them breach networks
  • Resetting passwords
  • Phishing attacks targeting victim email accounts
  • Deleting online backups and shadow volume copies
  • Printing physical copies of the ransom note on all connected devices, including point of sale terminals
  • Launching distributed denial-of-service attacks against the target’s website