Cyber Intelligence

Linkedin
  • News
    • Aerospace
    • Apple
    • Arrest
    • Automotive
    • Big Tech
    • Breaking News
    • Business Email Compromise
    • China
    • Chip Technology
    • Cryptocurrency
    • Cyber Budget
    • Cyber Espionage
    • Cyber M&A
    • cybercrime
    • Data Leak
    • deepfake
    • Energy Sector
    • Ethiopia
    • Finance
    • France
    • Geopolitics
    • Government
    • Hacktivism
    • Healthcare
    • Human Error
    • Investment Scam
    • Iran
    • Israel Conflict
    • Malicious Bots
    • Malware
    • North Korea
    • Norton
    • One Minute Roundup
    • ransomware
    • SEC
    • SMB
    • Social Media
    • Sri Lanka
    • Taiwan
    • VPN
    • Wire Fraud
    • Workforce Cyber
  • Analysis
  • Expert Opinions
  • Resources
    • Conferences
    • Glossary of terms
    • Awards
    • Ecosystem map
Reading: Ransomware gangs start to fight dirty
Share
Cyber IntelligenceCyber Intelligence
Aa
  • News
  • Analysis
  • Expert Opinions
  • Resources
Search
  • News
    • Aerospace
    • Apple
    • Arrest
    • Automotive
    • Big Tech
    • Breaking News
    • Business Email Compromise
    • China
    • Chip Technology
    • Cryptocurrency
    • Cyber Budget
    • Cyber Espionage
    • Cyber M&A
    • cybercrime
    • Data Leak
    • deepfake
    • Energy Sector
    • Ethiopia
    • Finance
    • France
    • Geopolitics
    • Government
    • Hacktivism
    • Healthcare
    • Human Error
    • Investment Scam
    • Iran
    • Israel Conflict
    • Malicious Bots
    • Malware
    • North Korea
    • Norton
    • One Minute Roundup
    • ransomware
    • SEC
    • SMB
    • Social Media
    • Sri Lanka
    • Taiwan
    • VPN
    • Wire Fraud
    • Workforce Cyber
  • Analysis
  • Expert Opinions
  • Resources
    • Conferences
    • Glossary of terms
    • Awards
    • Ecosystem map

Cyber Intelligence

Linkedin
  • News
    • Aerospace
    • Apple
    • Arrest
    • Automotive
    • Big Tech
    • Breaking News
    • Business Email Compromise
    • China
    • Chip Technology
    • Cryptocurrency
    • Cyber Budget
    • Cyber Espionage
    • Cyber M&A
    • cybercrime
    • Data Leak
    • deepfake
    • Energy Sector
    • Ethiopia
    • Finance
    • France
    • Geopolitics
    • Government
    • Hacktivism
    • Healthcare
    • Human Error
    • Investment Scam
    • Iran
    • Israel Conflict
    • Malicious Bots
    • Malware
    • North Korea
    • Norton
    • One Minute Roundup
    • ransomware
    • SEC
    • SMB
    • Social Media
    • Sri Lanka
    • Taiwan
    • VPN
    • Wire Fraud
    • Workforce Cyber
  • Analysis
  • Expert Opinions
  • Resources
    • Conferences
    • Glossary of terms
    • Awards
    • Ecosystem map
Reading: Ransomware gangs start to fight dirty
Share
Have an existing account? Sign In
Follow US
© 2022 Foxiz News Network. Ruby Design Company. All Rights Reserved.
NewsransomwareTrends

Ransomware gangs start to fight dirty

Editorial Team
October 13, 2023 at 1:28 PM
By Editorial Team Editorial Team
Share
Ransomware gangs
SHARE

Ransomware gangs

Ransomware gangs are changing their tactics to counter the advances made by the cybersecurity industry and have begun to fight dirty by putting even more pressure on victims to pay up.

According to cybersecurity company SecureWorks’ annual State of the Threat Report, over the last 12 months, attackers have shortened the time between the initial penetration of the corporate network to the ransomware demand itself from 4.5 days to less than one day. This period, known in the cybersecurity industry as ‘dwell time’, offers well-equipped cybercriminals a leisurely opportunity to drain the company of funds and its most sensitive secrets. In 10 percent of cases, ransomware was even deployed within five hours of initial access.

“The driver for the reduction in median dwell time is likely due to the cybercriminals’ desire for a lower chance of detection. The cybersecurity industry has become much more adept at detecting activity that is a precursor to ransomware. As a result, threat actors are focusing on simpler and quicker ways to implement operations,” said Don Smith, VP of Threat Intelligence, SecureWorks Counter Threat Unit.

So the good news is that the cybersecurity industry’s focus on threat intelligence and attack detection has paid off by considerably narrowing the cybercriminals’ window of opportunity to cause damage. But the bad news is that a new generation of lean and hungry threat actors is now roaming the ransomware landscape and employing new ways of tightening the thumbscrews on their corporate victims.

“While some familiar names including GOLD MYSTIC (LockBit), GOLD BLAZER (BlackCat/ALPV), and GOLD TAHOE (Cl0p) still dominate the ransomware landscape, new groups are emerging and listing significant victim counts on “name and shame” leak sites,” says  SecureWorks.

Gangs “name and shame” their corporate victims

‘Name and Shame’ is the practice of applying added time pressure to the ransomware demand by immediately starting to release the victim organization’s most sensitive data onto data leak sites on the Dark Web, sometimes auctioning the most valuable and sensitive information to the highest bidder. The process of threatening to release the data merely to keep it permanently hidden and encrypted is known as  ‘double extortion’ and has been around almost as long as ransomware itself. What differentiates the new ransomware gangs from their more established rivals is their preparedness to rack up the pressure by starting to release large volumes of data at an early stage of their communications with the company whose data has been recently encrypted.

According to cybersecurity firm Asceris: “While all ransomware groups share the same objective, they employ different tactics to achieve their goal. Victims are usually named on the attacker’s data leak site, but the nature and the volume of data that is presented varies considerably by threat group.”

This can narrow the victim company’s window of opportunity to consult with the authorities, liaise with advisers, shareholders, and clients, and, where legally appropriate, negotiate with the cybercriminals in order to minimize long-term corporate as far as possible.

“Organisations that find themselves in the middle of a ransomware attack are under immense pressure to make the right decisions quickly based on limited information. Anyone considering negotiation with a ransomware actor should understand their modus operandi, and how they typically use their leak site to make higher ransom demands and increase the chances of payment,” says Asceris. “Organisations need to understand who they are dealing with, remain calm and composed, and ensure that they have the right information and monitoring at their disposal.”

In the ongoing battle between the ransomware gangs, who now measure their takings in billions, and the cybersecurity industry, things just got a lot meaner.

TAGGED: alpv, asceris, blackcat, clop, Cybersecurity, dark web, data leak, leak sites, lockbit, ransom demands, Ransomware, ransomware tactics, secureworks, threat report
Editorial Team October 17, 2023 October 13, 2023
Share This Article
Twitter LinkedIn Email Copy Link Print
Previous Article The Daily Decrypt - One Minute Roundup Google responds to increase in malware-related money theft – October 13th
Next Article Israel under cyber attack Israel conflict spreads to cyberspace
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Editor's Pick

You Might Also Like

NewsOne Minute RoundupOne Minute Roundup

EU Launches Free Railway Cybersecurity Courses – June 16th

The International Union of Railways is launching cybersecurity courses specifically for the transport industry. Developed by industry specialists, the CYRUS training program aims to address the growing need for cybersecurity awareness in the industry, particularly among non-technical staff.

June 16, 2025
NewsOne Minute RoundupOne Minute Roundup

Geopolitical Tensions are Changing the Cybersecurity Landscape – June 13th

Political tensions are prompting nations to re-strategize cybersecurity. Countries that once sought international cooperation and joint strategies are now prioritizing domestic cyber capacities and national interests as a result of geopolitical instabilities.

June 13, 2025
CryptocurrencyNewsNorth Korea

Bogus IT workers are defrauding US businesses

The US government has seized over $7.74 million in illegal funds, allegedly siphoned off by illegitimate North Korean Information Technology (IT) workers for the benefit of the North Korean government. The US Department of Justice (DOJ) has filed a civil forfeiture complaint alleging that the IT workers secured employment in the US illegally, racking up millions of dollars in cryptocurrency and bypassing US sanctions placed against North Korea. According to the US Federal Bureau of Investigation (FBI), the use of North Korean IT workers to defraud the US is now taking place on a massive scale.

June 13, 2025
NewsOne Minute RoundupOne Minute Roundup

UK backs AI and intelligence modernization – June 12th

The UK government has announced its plans to invest in digital and artificial intelligence (AI) in public services, including the NHS, aiming to build strong technology foundations and tackle urgent cybersecurity risks.

June 12, 2025

Cyber Intelligence

We provide in-depth analysis, breaking news, and interviews with some of the leading minds in cybersecurity and distill critical insights that matter to our readers. Daily.

Linkedin

Category

  • Cybercrime
  • News

Quick Links

  • News
    • Aerospace
    • Apple
    • Arrest
    • Automotive
    • Big Tech
    • Breaking News
    • Business Email Compromise
    • China
    • Chip Technology
    • Cryptocurrency
    • Cyber Budget
    • Cyber Espionage
    • Cyber M&A
    • cybercrime
    • Data Leak
    • deepfake
    • Energy Sector
    • Ethiopia
    • Finance
    • France
    • Geopolitics
    • Government
    • Hacktivism
    • Healthcare
    • Human Error
    • Investment Scam
    • Iran
    • Israel Conflict
    • Malicious Bots
    • Malware
    • North Korea
    • Norton
    • One Minute Roundup
    • ransomware
    • SEC
    • SMB
    • Social Media
    • Sri Lanka
    • Taiwan
    • VPN
    • Wire Fraud
    • Workforce Cyber
  • Analysis
  • Expert Opinions
  • Resources
    • Conferences
    • Glossary of terms
    • Awards
    • Ecosystem map

© 2023 Cyberintel.media

Welcome Back!

Sign in to your account

Lost your password?