Ransom leaks are on the rise; today we explain what this new cyber-threat is all about
I’m sure the word ransomware is still ringing in your head. An attack of this type, specifically the one known as WannaCry, turned the world upside down in the spring of 2017, when huge amounts of data belonging to very large companies were revealed and their computer systems were massively breached. This type of attack cannot be forgotten, as Cisco warned in its latest quarterly report “Cisco Talos”, where it listed ransomware attacks as the main threat to users. Well, our “friends” are undergoing a transformation into what is known as ransom leaks: the new craze in cyber-attacks.
What are these ransom leaks? Attacks of this type go one step further than data breaches: they are based on extorting victims through the publication of the stolen data. Ransom leaks, which are an extension of ransomware-type campaigns, copy the victim’s confidential data and encrypt it, denying the victim access to their own data. Once this happens, the attacker demands a ransom for the decryption. If the victim refuses to pay the ransom, the cybercriminals threaten to publish the copied data on their leak websites. Every day, new organisations fall victim to this type of cyber-breach, as evidenced by the movements of the hacker group responsible for the Conti ransomware, which now has 320 victims and is the most active hacking group in this new form of ransomware.
How can we prevent a ransom leak attack?
Preventing cyber-attacks means having the necessary tools for a powerful security network. Developments such as digitalisation, with its consequent exposure of data, and new working models, with multiple connections from unknown networks, mean that the security systems we have known up to now have fallen behind.
This is why cybersecurity must now be added as a third element alongside data and digitisation. This implies deploying advanced solutions that guarantee the security of IT equipment and of the teams responsible for operational processes. And this applies to any sector.
Ikusi’s cybersecurity solution monitors web traffic by combining security and control mechanisms applied to web browsing, email and cloud applications (SaaS) to reduce risks derived from the use of these platforms and protect the organisation and its customers. The company, with more than 50 years of experience in the sector, offers a demo to protect you thanks to the application of intelligence that fights threats on multiple fronts.
This cybersecurity solution inspects traffic, enforces policies that restrict access to unauthorised or risky websites, and blocks the receipt of spam and malicious attachments. It also detects risks and anomalies in the behaviour of common SaaS applications, such as logins from unauthorised locations or the sending of confidential or sensitive information outside the organisation.
This solution is based on the combined application of best-of-breed tools, such as Cisco Secure Email, which blocks ransomware delivered via spam and phishing emails; Cisco Umbrella, which improves security visibility and detects compromised systems; Cisco Secure Endpoint, which protects against endpoint ransomware; Cisco SecureX, which dramatically reduces dwell time and human-driven tasks; Cisco Secure Access by Duo, which prevents adversaries from using stolen credentials to establish a foothold; and Cisco Secure Network Analytics, which provides agentless network problem detection and network traffic monitoring.
What are ransomware attacks?
Ransomware is a type of computer attack whose aim is to compromise the security of a computer, get inside it and hijack the information stored on it, and then demand payment to recover the data and avoid collateral damage.
This type of attack has become a daily reality for thousands of companies, which in many cases do not have the necessary security measures in place to stop it. This puts the confidentiality of an incalculable volume of key company data at risk.