There has been a shift in ransomware and how threat actors choose to exploit and receive paydays from their attacks. The traditional method of holding a company's data hostage is starting to phase out, and a new strategy has emerged. Threat actors are not choosing to extort compromised entities to ensure their payment terms are met. Instead of hoping the affected company pays the ransom fee, threat actors have decided to resort to blackmailing the entity into payment.
The threat group carries out this blackmail technique by reaching out to the affected entities' top clients and informing them that they have compromised their vendor in hopes that they will encourage the compromised entity to pay out the ransom fee successfully.
Why the shift in strategy? Well, believe it or not, the leading cause for this change is directly related to cyber insurance companies. The insurance firms are no longer just willingly paying out the ransom fees. Cyber insurance providers are now enforcing more stringent requirements on entities to ensure they are doing everything possible to prevent or mitigate attacks. One of the main requirements is that companies must have a backup process that allows them to quickly scale up in case their data is ever seized in an attack. The FBI strongly encourages companies to review their coverage details to maximize their coverage and fully understand the requirements for ransomware payments to be issued. With these backup requirements in place, it has essentially nuked that traditional vector of compromise for threat groups; thus, they have shifted to attempt to damage your reputation by blackmailing you or your customers instead.
Luckily, TetherView can help to restrict the overall attack surface as well as increase your team's proficiency as it pertains to response or patching efforts. The TetherView Digital Bunker help reduce the attack surface by enforcing gold baseline standards across the enterprise. Also, when using the Digital Bunker, you can ensure patching efforts are calculated and fast to provide maximum vulnerability coverage.
The Digital Bunker also provides each VDI accessed host with a custom private cloud backup offering designated to store backups in three different data centers to ensure availability. With backups, patching efforts, and security protection all managed by TetherView, you can rest assured that you will have increased visibility on all hosts and the best possible protection from this new wave of ransomware extortion that has hit the internet.