Cybersecurity firm warns vs ‘Ransomware 2.0’, ‘pressure tactics’
MANILA, Philippines — Multinational cybersecurity company Kaspersky recently revealed that targeted ransomware known as “Ransomware 2.0” attacks a company or organization through “pressure tactic.”
Kaspersky announced in a virtual conference that this year’s cybersecurity disease is “targeted ransomware.” The attack does not only hold the victim’s data as it also exploits the digital reputation in exchange for ransom.
According to Vitaly Kamluk, Director of Global Research and Analysis Team (GReAT) for the Asia Pacific (APAC) at Kaspersky, this year, around 61 entities from different countries were breached by a targeted ransom group.
Among the affected countries, Kamluk said, are Australia and India, recording the highest number of incidents.
Based on data by Kaspersky, the following industries suffered the most attacks by ransomware groups:
- Light Industry – includes the manufacturing of clothes, shoes, furniture, consumer electronics, and home appliances
- Public service
- Media and Technology
- Heavy Industry – includes oil, mining, shipbuilding, steel, chemicals, machinery manufacturing
“Targeted ransomware has been a problem for many Asian enterprises. Over 61 companies were breached this way in Asia alone. In some cases, the Maze ransomware gang claimed responsibility and published stolen data from the compromised companies,” said Kamluk in a statement.
Maze group, formed in 2019, was described by Kaspersky in a statement as “the most active and the most damaging of all.” In November last year, the group attacked the US-based security firm Allied Universal and leaked about 700MB of the company’s internal data online.
Aside from breaching 334 more companies and organizations, the group built its reputation by being one of the first groups to use the “pressure tactic.” The tactic involves threatening victims that all of the most sensitive data from their database will be leaked publicly.
“Pressure tactic is a serious threat to public and private organizations. This attack plays on companies’ digital reputation as it threatens to divulge data of a breached entity, compromising its security and its name at the same time,” Kamluk added.
Kamluk emphasized that digitalization has added another pressure points for a company. Before, companies only worry about issues concerning the business, industry, and government regulations. However, they should also be highly concerned about cybercriminals and attacks.
“Now, surviving in the era of digital reputation economy means that they should also be aware of business trust – with their partners and customers – as well as public opinion,” Kaspersky added.
A survey conducted by Kaspersky supported Kamluk’s claim. Data showed that 51% of users in APAC agree that a company’s online reputation is essential.
Meanwhile, about 48% said they avoid companies who were previously involved in a scandal or were featured negatively in a news online.
“Maze group just announced that they are closing down, but this gang just triggered the beginning of this trend. A successful targeted ransomware attack is a PR crisis which can damage an organization’s reputation, online and offline,” Kamluk shared
“Financial toll aside, fixing one’s name is quite a harder task to take which is why we urge public and private entities to take their security seriously,” he added.
Kaspersky then advised companies and enterprises to consider the following to prevent threats and attacks:
- Stay ahead of your enemy: make backups, simulate attacks, prepare action plans for disaster recovery.
- Deploy sensors everywhere: monitor software activity on endpoints, record traffic, check hardware integrity.
- Never follow demands of the criminals. Do not fight alone – contact Law Enforcement, CERT, security vendors like Kaspersky.
- Train your staff while they work remotely: digital forensics, basic malware analysis, PR crisis management.
- Follow the latest trends via premium threat intelligence subscriptions, like Kaspersky APT Intelligence Service.
- Know your enemy: identify new undetected malware on-premises with Kaspersky Threat Attribution Engine.
Subscribe to INQUIRER PLUS to get access to The Philippine Daily Inquirer & other 70+ titles, share up to 5 gadgets, listen to the news, download as early as 4am & share articles on social media. Call 896 6000.