[BreachExchange] Ransomware hackers' new tactic: Calling you directly
Terrell Byrd
terrell.byrd at riskbasedsecurity.com
Tue Jan 25 10:40:19 EST 2022
https://www.msn.com/en-us/news/us/his-sons-school-was-hacked-then-the-ransomware-gang-called-him-at-home/ar-AAT7znc
Wayne didn’t know his son’s school district had been hacked — its files
stolen and computers locked up and held for ransom — until last fall when
the hackers started emailing him directly with garbled threats.
“we hold control on the network several months, so we had a ton of time to
carefully study, exfiltrate the data and prepare attack,” one of the three
emails he received said. If his son’s district, the Allen Independent
School District in the Dallas suburbs, didn’t pay up, all its files,
including information on him and his son, “would be released in the dark
market,” the emails warned.
It was a credible threat. Ransomware hackers frequently leak files of
organizations that don’t meet their demands and have littered the dark web
with school children’s personal information.
What Wayne received, however, represented a newer tactic. Ransomware
hackers, always in search of new ways to add pressure to organizations they
extort, have increasingly roped in everyday people whose information is
stored in computers they hacked, pestering them by phone and email to lobby
the victim organization to pay.
The hackers, who often work as loosely affiliated gangs with members in
different countries, have made millions of dollars in recent years by
attacking the computer networks of American companies, schools, hospitals
and cities. Despite the Biden White House’s policies to slow their attacks,
they were roughly as productive against U.S. targets last year as they were
the previous two, successfully attacking more than 1,000 school districts
and health care providers in 2021.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20220125/bbc22668/attachment.html>
More information about the BreachExchange
mailing list