The DoppelPaymer Ransomware "family" is the latest group re-writing its ransomware to increase victim payments. The new code now allows the criminals to steal data before encrypting the network for ransom.
They then threaten to publish or sell this data if the victim does not pay the ransom.
This is the equivalent of a kidnapper cutting off fingers of a victim until a ransom is paid. The Maze Ransomware group was the first to use this tactic in November, and others will follow suit.
"MAZE shown the world that success rates are increased after sharing some data."
-DoppelPaymer
Organizations facing these attacks have few options. The attackers gain the upper hand, and victim organizations are left with damaged reputation, exposed information and a costly recovery.
"It is clear that sensitive and private information of not only businesses, but also employees, is being stolen and released."
As cyber criminals keep getting better, more organizations are turning to INFIMA's fully automated Cyber Security Training to keep their teams safe.
Want to learn more? Start