CySecurity News - Latest Information Security and Hacking Incidents, EN

Ransomware Groups are Using PR Charm Tactic to Put Pressure on Victims to Pay Ransom

Recently, ransomware groups have been increasingly adopting newer tactics, one of them being the transparent, quasi-corporate strategy with the media, with the benefits of building pressure on the victims to pay ransom. 
According to a report, released this week by Sophos X-Ops, ransomware groups like Royal, the Play and RansomHouse were seen engaging with journalists. This partnership is dubious, however advantageous to both the parties: hackers expose their victims or, in some high-profile cases, amend the record, while reporters receive scoops directly from primary (but untrustworthy) sources.

According to Christopher Budd, director of threat intelligence for Sophos X-Ops, “This shows that they’re true hackers[…]Now they’re trying to hack the information sphere, as well as the technical sphere.”

Cybercriminals in Corporate Clothing

These days, ransomware organizations provide channels for direct connection that are not limited to victims. In addition to the typical “Contact Us” forms and PR-focused Telegram channels, useful resources and FAQs are available to support them.

The ultimate idea is: that by broadcasting their deeds in the news, these threat actors put public pressure on the victims, further pressurizing their suppliers, customers, etc. 

The threat actors often imply this idea in ransom notes. For example, Sophos recently analyzed a ransom note published by the Royal ransomware group, stat

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: