SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Black market dedicated solely to data leaks emerges - report
Mon, 14th Jun 2021
FYI, this story is more than a year old

Ransomware attacks are gaining momentum globally across industries, and businesses are being warned against a black market dedicated solely to data leaks.

According to threat intelligence firm IntSights, industries including energy, financial services and government, are increasingly under threat of cyberattacks, with ransomware proven to be highly disruptive to businesses and even entire nations.

IntSights has released research The Evolving Ransomware Threat: What Business Leaders Should Know About Data Leakage. The report found average ransomware payments have gone up by a staggering 2,500% from $10,000 to $250,000 in Q3 2020 since late 2018.

Fuelled by RaaS (ransomware-as-a-service) available on the dark web, and the anonymity of cryptocurrency, even inexperienced users can launch their own ransomware attacks and gain profit while remaining completely elusive, according to the research.

Moving beyond single, operational-level challenges in taking a company offline and demanding payment to restore operations, ransomware today often involves systems encryption and stolen data publication threat, capable of crippling critical infrastructures.

In 2021, the outcome of attacks have been found to be more severe. Researchers at IntSights discovered ransomware groups operating in a multichannel mode, where they auction some of the full data leaks. This means that when a company is attacked with ransomware, it is working against the clock to get back on its feet, and is also in danger of losing its data to an unknown entity, possibly without knowing what data was compromised and who else has access to it.

Other highlights from the The Evolving Ransomware Threat: What Business Leaders Should Know About Data Leakage research include:

Emergence of the black market dedicated solely to data leaks
Collaboration between attackers and sellers where a ransomware group can hack into an organisation, extract the information, sell it to a third-party in the black market, and only at this point inform the victim.

Ransomware attacks and motivations will continue to evolve
Cyber threats will involve more than loss of functionality or physical damage. There will be more and more versions and appearances of data theft, leakage, and trade over the coming years.

Increasing involvement of law enforcement
Previously, law enforcement organisations were not heavily involved within most areas of the dark web crime landscape. However, some have recently stepped in to take down these cybercrime operations as these attacks have sparked national interest in protecting critical infrastructure, and we might see more law enforcement organisations step in in future attacks