Imagine not only getting hit with ransomware but being forced to either pay the ransom or risk having your data publicized. Which would be more severe to you and your company? That’s certainly not a pleasant predicament for anyone to be in.
That just may very well be the new norm for some companies, reports BleepingComputer’s Lawrence Abrams. Sodinokibi operators, the nasty ransomware threat that’s been targeting MSPs, have stated that they will start publicizing stolen data should victims not pay the set ransom. The example company mentioned was the recently targeted CyrusOne data center. Sodinokibi threat actors state that if the company doesn’t pay the ransom, they will publicly release the stolen data or sell it to its competitors. What’s more costly – the ransom or the selling of sensitive data? Worse yet would be actually paying the ransom only to have the data leaked anyway.
These threat actors may follow suit of the Maze ransomware threat actors who threatened Allied Universal in such a manner. After Allied Universal failed to pay the ransom, Maze threat actors released about 700 MB of their data to a hacking forum. The time has come where ransomware attacks may very well be data breaches.