Communications of the ACM

Home/News/The Latest Cybersecurity Threat: Pay Us or We Release.../Full Text

ACM TechNews

The Latest Cybersecurity Threat: Pay Us or We Release the Data

By The Wall Street Journal
September 14, 2021
Comments

View as: Print Mobile App Share:

A Water Quality Monitoring Station of the Scottish Environmental Protection Agency. — The Scottish Environmental Protection Agency was the victim of a ransomware attack last December and had stolen data published.

Credit: Alamy

A new type of ransomware attack involves cybercriminals stealing sensitive data and threatening to publish it online if the victim does not pay a hefty ransom.

With the new attacks, victims not only have to contend with the initial ransom payment, but also legal and reputational risks depending on the information that could be leaked.

Coveware reports that 81% of ransomware attacks in the second quarter involved such threats.

Security experts are paying close attention to these new attacks because they could harm a company's customers, partners, and employees whose data was stolen.

Emsisoft's Brett Callow said attackers sometimes inform customers that their sensitive data has been stolen to increase pressure on the company to pay the ransom.

In cautioning against ransom payments, Callow said, "You are simply paying for a promise from an untrustworthy bad-faith actor that they won't further misuse the data they stole."

From The Wall Street Journal
View Full Article - May Require Paid Subscription

No entries found

The Latest Cybersecurity Threat: Pay Us or We Release the Data

iOS Users' Face Scans Used to Break into Mobile Banking Accounts

Leveraging Professional Ethics for Responsible AI

Unlocking the Potential of Zero-Knowledge Proofs in Blockchain