Cyber gangs use a number of tactics to intimidate their targets into paying their ransoms. Victims are often threatened or blackmailed via email into doing what these cybercriminals want.
Most recently, these cyber gangs are using a new medium to carry out this intimidation method: calling their victims. They make these calls after they successfully infect a company’s system with ransomware.
Keep reading to find out more about this new intimidation tactic as well as how to defend yourself against ransomware cyber attacks.
Ransomware Victims May Receive Threatening Calls Now
The ransomware cyber gang, DoppelPaymer, first appeared in 2019 and continued to victimize companies throughout 2020. DoppelPaymer’s ransom demands range in size but still pose a significant problem for companies. They threaten to publicize companies’ sensitive data on their leak site to further coerce companies into paying up.
In November 2020, the cyber gang released its ransomware onto one of Foxconn’s facilities. Before that, they “encrypted about 1,200 servers, stole 100 GB of unencrypted files, and deleted 20-30 TB of backups”. They asked for 1804 bitcoins as ransom from the company.
It is unclear whether Foxconn received a call from DoppelPaymer. But, after this happened, the FBI confirmed that DoppelPaymer had started calling victims after unleashing ransomware on their systems. This act aims to coerce and intimidate their victims into meeting their ransom demands.
Other ransomware cyber gangs, like those responsible for Conti ransomware, also use this intimidation tactic now.
For instance, in September 2020, a Georgia dental practice was attacked by the Conti cyber gang. They had observed some abnormalities within their system, which led them to clear their server and then restore everything from backups. Only then did they receive an intimidating call from the cyber gang. Before that, they had not realized they were a victim of a cyberattack.
So, What To Do If This Happens To You?
First things first – stay calm. It can be very stressful to find yourself on the end of a menacing phone call demanding ransom. But it’s important to remain calm even if the cybercriminal says they know where you live.
Many security professionals believe that a lot of these calls from cyber gangs actually originate from overseas call centers. This minimizes the likelihood of physical interaction. There is even some evidence to suggest that multiple ransomware cyber gangs use the same call center. This is because many of them seem to use the same templates and scripts when they call the victims of their attacks.
But, in the unfortunate event that you are targeted by a ransomware attack, you should go to your local police or RCMP branch immediately. You should do this even if you don’t receive a call from the cybercriminals responsible.
Authorities also advise that you shouldn’t give in to the ransom demands because the cyber gang may not even release or delete your data afterward.
Protect Your Business From Ransomware Cyber Gangs
Here are some measures that your company should take to help keep you safe from cyberattacks:
- Use privileged account access. Give your employees or users the minimum amount of access they need to do their jobs/tasks.
- Disable any remote access to your network that is not necessary. On devices where remote access is required, make sure that it is properly secured.
- Track all network traffic, systems, and resources to identify and report any suspicious activities or transactions that occur.
- Put multi-factor authentication in place for employees.
- Use enhanced passwords. These should be unique and contain at least 8 characters as well as numbers, letters, and symbols.
- Educate and train your employees on cybersecurity and best practices so they know how to protect themselves and the company. It’s critical that they are cautious of suspicious emails and links.
- Keep your software and firmware up to date in order to patch any security vulnerabilities
- Create and store backups in a separate network location.
- Run tests on your system. “Penetration” tests can help you to identify any gaps or weaknesses in your system’s security so that you can fix them.
- Check if you have Cyber Liability insurance. It’s good to know your coverage in case you do fall victim to ransomware or other cyberattacks.
If you follow the above practices and focus enough resources on cybersecurity, you will minimize the risk of attacks on your company. MicroAge can help. Contact us today.
How to Keep Your Business Compliant with GDPR and PIPEDA Regulations
Identity protection and data security are the buzzwords of the tech industry, with laws like GDPR and PIPEDA being put in place to protect an…
Rethinking Your IT With A Decentralized Workforce – Chapter 2: Collaboration with Microsoft 365
With remote hybrid work increasing during the pandemic, it is vital to know how you can rethink your IT. Collaboration tools are essential when your…
Top Data Back Up Best Practices
Data backup is a crucial step to preventing data loss whether from cyberattacks, ransomware, accidental file deletion, natural disasters, and other threats. The key is…
Ransomware Beliefs That Can be Detrimental to Organizations
Although ransomware attacks continue to increase, many organizations still don’t believe that it could happen to them or that they should do anything to prepare…
3 Crucial Ways that Online Collaboration Software Helps Your Business
In today’s fast-paced world where consumer tastes seem to change every hour, your business needs to keep up with these changes as fast as you…