Over the last 2-3 years a new business model has emerged, driven mostly by opportunity/chance and a growing technical attack surface:
- hack a corp/datacenter that looks easily exploitable
- exfiltrate data
- demand some ransom for NOT publishing the data
- Profit!!!!1! or data-release
With an ever-increasing attack surface, more vulns published than ever, and still enough CIOs/CISOs/CTOs not yet ready to address the problems of an external attack surface, it's easy going for the criminals.
Citycomp: Hackers Steal and Ransom Financial Data Related to Some of the World’s Largest Companies
500+ GB of data was stolen from Citycomp, which provides internet infrastructure for dozens of companies including Oracle, Airbus, Toshiba, and Volkswagen.
Hacker Threatens S. Korean Nuclear Power Plants If Ransom Not Paid
A hacker that claims to have compromised sensitive data belonging to South Korea’s power plants has threatened to share the information with other countries if a ransom is not paid. The unknown attacker released some information related to the power plants via Twitter on Thursday.
Ransom Moves: The Dark Overlord Keeps Pressuring Victims, Demanding Bitcoins
Hiscox, Lloyd's are breached and threatened with ransom: "The incident involved illegal access to information stored on the law firm's server, which may have included information relating to up to 1,500 of Hiscox's U.S.-based commercial insurance policyholders," Hiscox said in its April 2018 breach notification. "The law firm's systems are not connected to Hiscox's IT infrastructure and Hiscox's own systems were unaffected by this incident."
FT: Hiscox, Lloyd’s and Husch Blackwell said to be targets of ‘The Dark Overlord’
The FBI is investigating the theft of 18,000 insurance and legal documents relating to the September 11 attacks on the World Trade Center by a hacker with a long record of holding companies to ransom, according to two people familiar with the matter.
On 23 April this year, a Tel Aviv District Court sentenced a man for hacking the Bank Yahav’s computer system and attempting to blackmail the bank for millions of dollars’ worth of Bitcoin. The individual accessed the bank’s database and compiled a list of its wealthiest clients with the intent to sell their information to the highest bidder on the dark net.
In Feb 2017, a medical provider in Uruguay got hacked. The attacker stole a bunch of patient records and then used that to conduct extortion on the provider. They said they’d release the records of everyone with HIV unless they get $60,000 worth of bitcoin.
[Rex Mundi: The hackers used to steal sensitive information from the victims, then they demanded fees for not disclosing the stolen data](https://securityaffairs.co/wordpress/73584/cyber-crime/rex-mundi-dismantled)
Questions? Contact: firstname.lastname@example.org