Page 248 - Cyber Defense eMagazine August 2024
P. 248

In response  to these  developments,  attacker  groups  are reconsidering  their strategy.  Rather  than risk
            detection by encrypting as much data as possible, they now prefer to quickly extract as much information
            as possible and then threaten to divulge it. Ransomware has become extortion.



            Re-energising the threat of publication

            The potential public disclosure of sensitive information is the core of leveraging fear to pressure victims
            into  paying  a ransom.  The reputational  damage  and financial  repercussions  of a  data breach  can be
            devastating.

            Ransomware gangs have recognised the potential for damage to a brand or group’s reputation simply by
            being mentioned  on the ransomware operators’  sites. A study found that the stock market value of the
            companies named in a data leak falls by an average of 3.5% within the first 100 days following the incident
            and struggles to recover thereafter. On average, the companies surveyed can lose 8.6% over one year.

            This threat of loss based on association, now quantified and in the hands of cybercriminals  has become
            an effective tool.



            Operational disruption and revenue loss

            Modern businesses  rely heavily on digital systems for daily operations. A ransomware  attack can grind
            operations to a halt, disrupting critical functions like sales, customer service, and production.

             This disruption translates  to lost revenue,  employee downtime,  and potential customer dissatisfaction.
            The  longer  the  disruption  lasts,  the  greater  the  financial  impact  becomes.  Attackers  exploit  this
            vulnerability, pressuring victims to pay the ransom quickly to minimize their losses. And they do this most
            effectively by recognising key operational data.


            This then evolves as a ransomware  attack on one company  can ripple through  its entire  supply chain.
            Suppliers and distributors may be unable to access essential data or fulfil orders, leading to delays and
            disruptions across the chain.

            Knowledgeable attackers now target a single company as a gateway to extort multiple entities within the
            supply chain, maximizing their leverage and potential payout.



            Brand damage at the regulatory level

            Brazen ransomware groups have already realised the value in making direct contact with

            end-users  or companies  that are the customers  of their targets as it enables  the operators  to increase
            pressure.







            Cyber Defense eMagazine – August 2024 Edition                                                                                                                                                                                                          248
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
   243   244   245   246   247   248   249   250   251   252   253