Ransomware attacks have begun to show their cruelest face and they know how to play their cards so that the victims finally end up paying the extortion.
The large increase in cases of ransomware worldwide is alarming experts in the sector of the cybersecurity. Some developments have really been groundbreaking, such as the use of a double or triple extortion model and the creation of leak sites on the Deep Web to try to shame victims into paying up.
The great problem that appears in an article of Wired is that given that One of the great tips from these specialists is to refuse to pay the extortion money from cybercriminals. to recover the stolen data, these they have started posting stolen photos of cancer patients and confidential student records, in relation to recent cases in the US.
BlackCat is one such group of attackers that have recently leaked some nude photos of cancer patients from a Pennsylvania health care facility that claimed it would not pay its million-dollar ransom demand.
As they explain, this new ‘trend’ has never gone this far before and ransomware attacks on administrations or health centers had not generated such a stir if they refused to paydespite the fact that it has always been the ultimate goal of these cybercriminals.
Increasingly dangerous ransomware attacks: a new trend?
Highlight that This is not the first time something like this has happened.. In 2016, another group by the name of thedarkoverlord (TDO) posted raw photos of patients who had had limbs amputated.
Following this episode, they also hacked into a plastic surgery clinic in the UK and sent graphic photos of genitalia taken from the archives to the media. This does not stop here since Later, some patients also refused to pay the extortion and ended up leaking their personal photos.
“What’s notable here, I think, is that in the past gangs have always had to strike a balance between putting pressure on their victims to pay up and not doing things so heinous, terrible and evil that the victims don’t want to deal with them.”. says Brett Callow, a threat analyst at antivirus company Emsisoft.
Although, as you can see, it is not something new (it is expected that the same will not happen with the latest ransomware attack on the Hospital Clínic de Barcelona), It is logical that institutions or companies are sufficiently concerned that this could happen to them.
“As fewer victims pay the ransom, ransomware actors become more aggressive in their extortion techniques,” explains Allan Liska, an analyst at security firm Recorded Future who specializes in ransomware.
With all this, and if something positive can be extracted from these threats, it is that entities assess the risks and ultimately invest more in cybersecurity in order to protect themselves. It is true that it is never enough, but it is clear that many of them show a certain neglect.