Sign In

Communications of the ACM

ACM TechNews

The Latest Cybersecurity Threat: Pay Us or We Release the Data

View as: Print Mobile App Share:
A Water Quality Monitoring Station of the Scottish Environmental Protection Agency.

The Scottish Environmental Protection Agency was the victim of a ransomware attack last December and had stolen data published.

Credit: Alamy

A new type of ransomware attack involves cybercriminals stealing sensitive data and threatening to publish it online if the victim does not pay a hefty ransom.

With the new attacks, victims not only have to contend with the initial ransom payment, but also legal and reputational risks depending on the information that could be leaked.

Coveware reports that 81% of ransomware attacks in the second quarter involved such threats.

Security experts are paying close attention to these new attacks because they could harm a company's customers, partners, and employees whose data was stolen.

Emsisoft's Brett Callow said attackers sometimes inform customers that their sensitive data has been stolen to increase pressure on the company to pay the ransom.

In cautioning against ransom payments, Callow said, "You are simply paying for a promise from an untrustworthy bad-faith actor that they won't further misuse the data they stole."

From The Wall Street Journal
View Full Article - May Require Paid Subscription


Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account