It’s about that time again, isn’t it? It’s been a while since we’ve had a significant (or, depending upon your perspective, radical) shift in the cyber crime eco-system, so maybe we’re due.
What am I referring to? Back in 2019, we saw a shift in ransomware attacks, where threat actors began not only stealing data, but leveraging it as “double extortion”. Up to that point, the “plan” had been to encrypt files, maybe post something publicly to let the world know that this organization had been impacted by your efforts, and hope to collect a ransom. The shift to “double extortion” moved things to a whole new level, and while there’s some discussion as to whether this started in November 2019 with Maze, or if it actually started sooner…some have anecdotal information but cannot point to any public statement to the effect…the fact remains that the game shifted. In the ensuing four years, we’ve seen quite a bit of damaging information released, and maybe none was more disturbing than what was discussed in the ransomware attack against Minnesota Public Schools, in Feb, 2023. The school system refused to pay the ransom, and the stolen data was released publicly…a brief reading of what was in the dump gives you a brief look into the devastation caused by the release of this data.
Something else to consider is the impact of the insurance industry on the cyber security market, a topic that was This article has been indexed from Windows Incident Response
Read the original article: