A recent ransomware incident on Campari, the Italian alcoholic beverages producer, took a new twist in terms of hiking up the pressure on its victims. Instead of using the perpetrator’s usual darkweb blog site to advertise their conquest and the victim’s data, they opted to hijack a Facebook advert to brandish the victim’s breach. This is certainly an unprecedented tactic which pushes the boundaries for ransomware groups beyond what the security community has grown accustomed to seeing in the last 2 years.
What this case highlights is that ransomware attacks are not likely to wane any time soon, instead the level of chicanery by these groups is only going up a level and exploiting all possibilities at their disposal for embarrassing their victim to apply pressure on them to pay.
CyberSolace posits that future trends for ransomware attacks will likely focus on tactics that aim primarily to tarnish the victims’ brand and exposing them to regulatory penalties instead of simply locking their data. This will become increasingly prevalent as companies’ general awareness of the impact of ransomware is heightened and their attention to maintaining solid data backups is bolstered. Consequently we envisage that the next step in the evolution of ransomware will focus almost entirely on the embarrassment and liability factors through exfiltration and brandishing of stolen sensitive data as opposed to denial-of-access to data.
Full details of the Campari case were covered in the ThreatPost website on 11-Nov-20.
Click the button below to read the full details of the case.