Weaponizing The Data

The line between ransomware attacks and data breaches continues to blur in early 2020, with a number of prolific ransomware operators – including Maze, Sodinokibi, DoppelPaymer, Nemty, Nefilim, CLOP and Sekhmet – creating their own websites where they publish the stolen data of non-paying victims, according to cybersecurity firm Emsisoft.

In 2020, Emsisoft said ransomware groups have threatened to: sell stolen data to competitors; use stolen data to attack victims’ business partners; and publicize victims’ “dirty secrets” on the clear web for all to see. Some attackers took advantage of COVID-19 to coax people into opening malicious emails and attachments, while other ransomware groups agreed to an ad-hoc ceasefire on healthcare vendors.

Victims of the 11 biggest ransomware attacks (so far) have spent at least $144.2 million on costs ranging from investigating the attack, rebuilding networks and restoring backups to paying the hackers ransom and putting preventative measures in place to avoid future incidents. The victims allegedly paid a ransom in seven of the cases. Recorded Future assisting with compiling some of the incidents.

Five of the ransomware victims were municipal governments, while the remaining spanned verticals from legal, manufacturing and financial services to IT services, facility management and higher education. Eight of the affected entities are in the United States, two are in England and one is in Denmark. Here’s an examination of 10 of the biggest ransomware attacks during the first half of 2020.

For more of the biggest startups, products and news stories of 2020, click here.