Cybercriminals enlist customers to apply ransom pressure
Hackers have found a new way to put pressure on businesses that have been subject to a data breach – enlisting their own customers to call for a ransom to be paid.
Tech news site Bleeping Computer discovered that one particular ransomware gang, Clop, has sent emails directly to customers, contacts and partners of its victims, encouraging them to get in touch with the business and tell it to pay up.
The thinking is that companies won’t just be faced with demands to pay from the hackers themselves, but also their closest contacts.
A number of businesses have already been hit by Clop’s latest extortion technique, among them a bank, aerospace manufacturer and an online retailer. Similar messages, but not from the same cybercrime group, are also reported to have hit a US university and convenience store chain.
The typical email from Clop reads:
Good day! If you received this letter, you are a customer, buyer, partner or employee of <victim organisation>. The company has been hacked, data has been stolen and will soon be released as the company refuses to protect its peoples’ data. We inform you that information about you will be published on the darknet ( <link> ) if the company does not contact us. Call or write to this store and ask to protect your privacy!!!!
As brazen as this approach may seem, it shouldn’t come as much of a surprise. Cyber criminals have been emboldened in recent years by the successes of their ransomware attacks, even going so far as to release reports on their latest conquest that read almost like high profile press releases.
As ever in these scenarios, defence is the best form of attack, to ensure your own private data stores are not accessed in this way. The alternative, Tripwire notes, is to be faced with the scenario of not only having to handle the ransomware attack itself, but also “the headache of your extortionists actively contacting your staff, customers, or partners in an attempt to apply even more pressure on you to pay up.”