Breach Response Hotline, Call 833.997.7327

Contact Us

Breach Response Hotline, Click to Call

Contact Us

Ransomware

Ransomware Auctions: The Newest Plan of Attack

Caleb Boma | June 10th, 2020

 

In their continued effort to make ransomware more painful, many criminal ransomware groups have recently turned to auctioning off data they have stolen to the highest bidder. Groups like REvil, Sodin, or Sodinokibi are known to be engaging in this type of data dissemination.

Ransomware Auction Data

They start by releasing small amounts of specific information to prove what information they obtained during the cyberattack, and then proceed to threaten that more could be released. They will attempt to get the main owner to pay a ransom to both unlock their data and prevent the disclosure. But, if the owner doesn’t pay or doesn’t want to pay enough, the ransomware operators are turning to a public auction.

These ransomware groups aim for content that is of the highest importance to potential buyers: financial transactions, insurance data, scanned images of driver’s licenses belonging to the company’s customers, employee emails, confidential data from conference calls, and other personal statements. This data is something you are obligated to protect.

A ransomware attack today is especially tough for companies during a time when they may have already encountered coronavirus-caused financial struggles. No company wants to face these exponential struggles, so it is vital to prevent this from happening to yours. A small investment in security can go a long way to prevent something like this from happening to you.

A robust security program will include the following capabilities and technology:

  1. A 24/7/365 Security Operations Center (SOC) to stop cyber threats at any time
  2. User Behavior Monitoring to protect your weakest link, your employees
  3. Malware Prevention to prevent intrusions and ransomware
  4. Threat Intelligence to continuously monitor the dark web
  5. Cloud SIEM (Security Information Event Management) to correlate data across your IT environment
  6. EDR (Event Detection and Response) to gain advanced visibility onto computer systems regardless of location
  7. Managed Incident Handling to ensure that when an event happens it is properly responded to

For more information on how to protect your environment, visit speartip.com or email info@speartip.com to speak with a cybersecurity professional.

24/7 Breach Response: 833.997.7327

Categories

Connect With Us

Facebook Twitter Youtube Linkedin

Featured Articles

Possible Cyberattack
Possible Cyberattack During 2024 Summer Olympics
15 April 2024
Tabletop Exercises
Tabletop Exercises: Transformative Impact on Companies
12 April 2024
Vulnerability Assessments
Vulnerability Assessments: Why It's Imperative in Digital Landscape
10 April 2024
New Cyber Guidelines
New Cyber Guidelines Helping CEOs Respond to Cyberattacks
05 April 2024

See ShadowSpear in Action

Identify, neutralize, and counter cyberattacks - provide confidence in your security posture

Schedule a Demo Today

Frequently Asked Questions

What measures can individuals and organizations take to protect themselves from ransomware attacks and minimize the risk of their data being auctioned off?

In order to protect themselves from ransomware attacks and reduce the risk of their data being auctioned off, individuals and organizations can implement several measures. These may include regularly updating all software and operating systems, using strong and unique passwords, enabling multi-factor authentication, educating employees about phishing and social engineering techniques, conducting regular backups of important data, and employing robust cybersecurity solutions such as firewalls and anti-malware software.

Are there any legal consequences for the criminals who engage in ransomware attacks and subsequently auction off the stolen data?

Engaging in ransomware attacks is generally considered illegal in most jurisdictions. Perpetrators can face criminal charges, which may vary depending on the severity of the attack, the amount of damage caused, and the jurisdiction in which the crime occurred. Penalties may include imprisonment, fines, or both.

Is there any way for law enforcement agencies or cybersecurity firms to track down and retrieve the auctioned data in order to return it to its rightful owners?

Law enforcement agencies and cybersecurity firms often work together to investigate and mitigate ransomware attacks. They may employ various techniques such as analyzing network traffic, tracing bitcoin transactions, infiltrating criminal networks, or collaborating with international counterparts to identify and apprehend cybercriminals. While the recovery of auctioned data may be challenging, such efforts can potentially lead to dismantling criminal operations and returning stolen data to its rightful owners.

Stay Connected With SpearTip

Inside the SOC Newsletter

View our articles that cover trending topics in cybersecurity with insights from our 24/7/365 Security Operations Center.
Subscribe

ShadowSpear Platform

Cybersecurity actors are working around the clock, shouldn’t your security team be too? Technology solutions and security controls fail for a number of reasons, poor deployment, improper implementation, or just no one monitoring the alerts.
Learn more

ShadowSpear Demo

Experience ShadowSpear for yourself. Our lightweight, integrated solution will help you sleep easier at night and provide immediate confidence in your security posture.
Schedule a Demo

24/7 Breach Response: US/CAN: 833.997.7327

Main Office: 800.236.6550

Email Us

1714 Deer Tracks Trail, Suite 150

St. Louis, MO 63131

Navigation

Connect With Us

Twitter Linkedin Facebook

©2024 SpearTip, LLC. All rights reserved.