In a new move for ransomware actors, a ransomware attack has turned into a giant data breach. In a typical ransomware attack, the victim's data is locked up until the ransom is paid, but it is often not exfiltrated.
Unfortunately for Allied Universal, its ransomware attackers took the next step of exfiltrating and publicly posting company data.
With this escalated attack, victims now need to not only be concerned about recovering their encrypted files, but what would happen if their stolen unencrypted files were leaked to the public.
The criminals took the step of posting sensitive data when Allied Universal refused to pay their $2.3 million ransom demand. In fact, the attackers said they were "not interested in [Allied Universal's] data, just their money."
This leads to an escalated cost of dealing with breach notifications, hiring data breach lawyers, and the potential law suits that may follow.
We've entered a new phase in the ransomware attack landscape. Attackers are taking more drastic steps to get paid. These new measures apparently include weaponizing the victim's email accounts:
"They further warned that if Allied Universal did not pay, the Maze actors would conduct a spam campaign using Allied's domain name and email certificates."
This is a painful reminder that attackers are smarter than we wish to admit, and it's critically important that we close our security gaps.
With INFIMA's fully managed Security Awareness Training platform, you can educate and test your employees with confidence.
Click here to start today!
Join the newsletter to receive the latest updates in your inbox.