Pressure, Peer and Otherwise: Ransomware and Data Theft Go Hand-In-Hand
Data theft is now a well-established element of ransomware attacks, according to John Shier, a Senior Security Expert at Sophos. In a blog post (summarized by iTwire), Shier noted that in the past, ransomware was straightforward and transactional. Attackers would encrypt an organization’s data and hold the decryption key for ransom. If the victim paid up, the attackers would often keep their word and provide a working decryption key, which encouraged future victims to pay the ransom as well. It’s possible that data may have been exfiltrated during some of those attacks, but data theft wasn’t a central part of the attackers’ strategy.