Ransomware attacks have evolved once again, giving C-suite executives a serious cause for concern.
According to a new report from ZDNet, some ransomware operators are no longer casting a wide net across an organization in the hopes of finding sensitive data to encrypt. Instead, they're specifically targeting computers and other devices used by managers and top executives. They hope that these devices hold the most valuable information that might improve their bargaining position.
So far, operators of the Clop ransomware have been spotted deploying this tactic, and one enterprise has been forced to pay a multi-million-dollar ransom as a result.
"This is a new modus operandi for ransomware actors, but I can say I'm not surprised," explained Stefan Tanase, a cyber intelligence expert at the CSIS Group. "Ransomware usually goes for the 'crown jewels' of the business they are targeting."
Besides targeting upper management, some ransomware operators have also started cold-calling affected businesses if they sense the target might deploy a backup solution instead of paying the ransom. On these calls, the attackers threaten to leak the stolen data online if their demands are not met.
Businesses dread having their data exposed for multiple reasons, including huge fines from data watchdogs and the possibility that competition might see their dirty laundry. However, cybersecurity experts warn against paying the ransom, because there is no guarantee attackers will return the data and the door remains ajar for secondary extortion attempts.