New Cybersecurity Trend: Ransomware Gangs are Cold-Calling Victims Attempting to Restore Backups Without Paying the Ransom

New Cybersecurity Trend: Ransomware Gangs are Cold-Calling Victims Attempting to Restore Backups Without Paying the Ransom

Since August, a new trend has been emerging in the cybersecurity space. Ransomware gangs are taking their cyberattacks to the next level in an attempt to place pressure on victims -- they are now cold-calling victims when they suspect a hacked company is attempting to restore from backups to avoid paying ransom demands.

As this trend has emerged, it's more commonly used as an escalation tactic by ransomware gangs, with the goal being to force corporations who've experienced encryption due to ransomware to pay full ransom demands. 

Using this tactic, common ransomware gangs include Maze, Conti, Sekhmet, and Ryuk, among others. Further, cybersecurity firms are discovering that these gangs are likely using the same outsourced center group. It's been reported that callers carry a heavy accent, suggesting English is not their first language. Recorded call transcripts find callers threatening victims attempting to install antivirus software, demanding they pay the ransom immediately. 

This continually emerging trend looks to replace common previous ransomware gang tactics, which in the past have included the use of ransom demands that double in value if unpaid by victims in a specified amount of time. Other former tactics include threatening to leak sensitive documents on "leak sites" if the ransom is unpaid or threatening to call journalists about the breach. 

While this trend is new, this is not the first time ransomware gangs have employed cold-calling to threaten cyberattack victims--and it will likely not be the last iteration of their attempts.

As you consider your cybersecurity plan for your organization heading into 2021, consider how you are educating your employees on handling cybersecurity attacks. This includes everything from what to do if they believe they are victims of an isolated attack, and also what to do if the organization as a whole is attacked. Preparing your employees will both prevent attacks and minimize the extent of attacks that do take place.

Questions on how to protect your organization or how to prepare your employees to handle cyber attacks? PK Tech can help. Contact us here