In November, cyber crooks told services company Allied Universal that they would make its files public if the company didn’t pay a ransom. Allied refused and the hackers stuck to their threat, releasing a portion of the data onto the open internet. The same gang has now published a website issuing similar threats to other victims that have refused to pay ransom. If their demands are met, other ransomware gangs will likely replicate the strategy to increase their chances of getting paid, or to maximize their profits.
The gang behind Maze ransomware recently erected a website (found by security reporter Brian Krebs) listing the company names and websites of eight victims of their malware. Besides an infection with the same ransomware strain, all these entities have one thing in common: they all refused to pay up, deciding to recover the hard way (i.e. from backups).
But the Maze gang is not the only one threatening victims with data exposure if their ransom demands aren’t met. The people behind Sodinokibi/rEvil made similar threats on a popular dark web forum recently. Others before them issued similar threats, but rarely kept their promise. While the method of twisting the victim’s armis not new, 2019 marks the first time the bad guys are making good on their promise. If the Maze gang is not lying about having exfiltrated victims’ data before encrypting it, they will likely stick to their end of the bargain. If that happens, there is no reason to believe other ransomware operators won’t do the same in 2020 and beyond.
Ransomware becoming synonymous with data breach has serious implications: the victim’s reputation can become tarnished, while the legal repercussions (GDPR, CCPA, HIPPA etc. ) can inflict millions and even billions in losses. For some, a serious cyber incident can spell bankruptcy.
One thing ransomware operators never fail to do is to replicate every method that has worked in the past to coerce victims to cooperate. If the end of 2019 is any indication, ransomware in 2020 will become more hazardous than ever – especially for big businesses.