Organisations that don't comply with ransomware threats are now finding additional pressure being applied with threats like 'We know where your CEO lives'. Unconfirmed reports from Germany suggest that Armenian and Ukrainian gangs work directly with cyber criminals to enforce threats on the ground. As reported several times in the 'Süddeutsche Zeitung', a renowned German newspaper.
Wired magazine says experts say this is a dangerous new development in cybercrime and proof perpetrators are getting more sophisticated, threatening and treacherous.
In a Russian-based cyber-attack on three London hospitals in the first week of June 2024, GCHQ said unusual circumstances surrounded the attack which resulted in over 800 inpatient procedures and 700 outpatient procedures being rescheduled. It will take more than a year to restore the systems fully.
It is very awkward to get a serious analysis of ransomware attacks and threats as organisations and companies are reluctant to provide details of ransomware attacks. Despite GDPR requirements to report these crimes, most reluctantly report ransomware attacks. Investors increasingly look for heads when one of their companies gets hit.
Cybercrime researchers say they have to rely on sketchy data given in confidence which cannot be attributed or rely on the cybercriminals themselves to provide the information about ransomware attack effectiveness. ‘You can't rely on data given to you by criminals because they're such lying bastards’, says Mr White (known to us), a serious crime officer with a UK Police force.
Google cyber arm Mandiant states that ransomware activity increased significantly in 2023 up 40% on the previous year, and continues to grow in 2024. Mandiant says US businesses paid over $1 billion in ransoms in 2023. These attacks happen out of office hours, very early in the morning, say Mandiant.
Cybercriminals use shame sites to post sensitive details to increase the threat and force obedience. Dramatic countdown clocks amplify the pressure showing how long remain before they release the sensitive data. Interpol says this theatrical element is super effective.
Mandiant says they have seen leaked evidence of these threats in ransomware negotiations. It's hard to be rational when you or a member of your family gets a text or a WhatsApp message threatening to kill you. It is so easy to scrap a picture off Instagram of an 11-year-old child, alter it and use it to frighten the anxious parent. At that point, the logic goes out the window.
For example, in Seattle in 2023 Wired magazine reported the Fred Hutchinson Cancer Center patients were sent emails directly threatening the release of their details if the ransom was not paid.
A man with a briefcase cause a lot more trouble than a man with a gun, probably Don's best line in a song. In this case, we have the briefcase working in tandem with the gun, maybe the perfect crime. One thing is for sure, it's a scary new development.
We've spoken directly to members of the GCHQ and Interpol who say despite this being the obvious next step in the development of ransomware and cybercrime, it is deeply alarming.
In Bavaria, the renowned newspaper ‘Süddeutsche Zeitung reports that the supply chain companies involved with BMW and Mercedes-Benz have been heavily targeted over the last few years and continue to be targeted. Delivery targets, business pressures and lack of funding make them vulnerable to external threats like ransomware, much more than their enormous customers.
According to the 'Süddeutsche Zeitung', the severe shortages in IT skills and cyber skills throughout Germany make it much easier for criminals to prevail with ransomware, threatening the famous German middle layer of family-owned businesses.
Talk with an Expert about protecting your organisation
Articles, links and connections from the BeSecureOnline site you might find interesting
Get the latest updates in your email box automatically.
Your nickname:
Email address:
Subscribe