Ragnar Locker ransomware gang threatens to publish stolen data if victims contact authorities
Wednesday, September 8, 2021
Victims of Ragnar Locker include Italian drinks maker Davide Campari-Milano S.p.A, French shipping giant CMA CGM S.A. in September 2020 and Japanese video game developer Capcom Co. Ltd.
“These threats will certainly disincentivize many victims from contacting the authorities,” Ilia Kolochenko, founder of penetration testing company ImmuniWeb SA, told SiliconANGLE. “Nonetheless, in many ransomware cases, law enforcement agencies are of little to no help for the victims being overloaded with pending cases and complex investigations. But hiring external or internal professionals to meticulously investigate the incident is crucial for all victimized companies.”
Kolochenko explained that ransomware attacks sometimes involved fairly worthless information and that the publication of the stolen data may cause no tangible damage. But that is not always case.
“When regulated data, such as medical records, is stolen, breached companies have a duty to report the incident to competent authorities as a matter of law,” Kolochenko noted. “If they conceal the incident, they may face harsh legal ramifications including criminal prosecution. Furthermore, as countless cases convincingly illustrate, following the instructions of ransomware gangs never guarantees that your data won’t be leaked or resold sooner or later.” Read Full Article
IT PRO: Ragnar Locker group vows to leak data if victim calls police or FBI
ITWeb: WhatsApp slapped with second-largest GDPR fine of €225m