The Week in Ransomware - June 16th 2023 - Wave of Extortion
The MOVEit Transfer extortion attacks continue to dominate the news cycle, with the Clop ransomware operation now extorting organizations breached in the attacks. [...]
Stay updated on cyber extortion trends: threats, prevention tips, and incident responses. Protect your data with the latest info on digital ransom tactics.
Search across headline titles and summaries.
Background for this topic.
Extortion is coercion through threats: an attacker demands money or another concession while threatening harm if the victim refuses. In cybersecurity, this commonly involves encrypting systems and demanding payment for recovery, stealing data and threatening to publish it (often called double extortion), or threatening service disruption. The threatened harm may be real, exaggerated, or based on data the attacker did not actually obtain; payment does not guarantee data deletion, secrecy, or restoration.
Security teams should treat an extortion demand as a potential incident: preserve evidence, isolate affected systems, determine whether data was accessed, and involve legal and privacy specialists where notification or regulatory duties may apply. Offline, tested backups can reduce leverage from encryption, but they do not address stolen information. Reviewing exposed remote services, credentials, and unpatched internet-facing systems can help contain the access path, while threat intelligence may help assess the attacker’s claims and identify related activity.
The MOVEit Transfer extortion attacks continue to dominate the news cycle, with the Clop ransomware operation now extorting organizations breached in the attacks. [...]
Progress Software scrambles to release a new security update
Progress Software on Thursday disclosed a third vulnerability impacting its MOVEit Transfer application, as the Cl0p cybercrime gang deployed extortion tactics against affected companies
A third perp has been fingered, but CISA warns that LockBit variants continue to be a major threat on a global scale.
The Clop ransomware gang has started extorting companies impacted by the MOVEit data theft attacks by listing them on a data leak site, a common extortion tactic used as a precursor for the public leaking of stolen data. [...]
How can organizations defend themselves more effectively against ransomware and other forms of cyber extortion? By “shifting left” and adopting proactive cybersecurity strategies to detect attacks sooner, mitigating breaches before they cause harm.
The attack highlights growing interest among threat actors to target data from software-as-a-service providers.