Total Tests:

BlackByte is Back and Acting a Lot Like LockBit

By Teri Robinson for Security Boulevard
Thursday, August 25, 2022

“Ransomware extortion campaigns have become increasingly more creative and damaging. I wouldn’t be surprised if later this year cybercriminals start offering credit services to victims, so the latter can pay ransom in installments; somewhat usurping the role of banks in cyberspace,” said Ilia Kolochenko, founder of ImmuniWeb and a member of the Europol Data Protection Experts Network.

Kolochenko questioned the conventional wisdom that advises victims not to pay up. “Despite the fact that many law enforcement agencies are publicly recommending not to pay the ransom, under a narrow set of circumstances it can be the least costly way to minimize the damage of a data breach—subject to rigorous analysis and considerations,” he said.

But victims shouldn’t just pay willy-nilly. “First, an external law firm should carefully assess the legality of payment, for instance, so as not to violate U.S. sanctions when paying in cryptocurrencies as expressly warned by the OFAC,” said Kolochenko. “Second, victims should always bear in mind that payment cannot and does not guarantee that the data will be securely deleted or returned: Copies or backups may have already been shared with third parties unbeknownst to the victim.”

Finally, he noted, “Aftershock attacks are a relatively new phenomenon to consider: Once a wealthy victim pays a ransom, other smaller threat actors immediately try to break in while the vulnerabilities are not yet patched; they’re motivated by the victim’s willingness to pay. In sum, payment of a ransom is a slippery slope that requires meticulous scrutiny both by legal and technical professionals.” Read Full Article

Book a Call Ask a Question
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential