Ransomware victims pay a ransom to prevent their data from being leaked

Keeping backups is very important, especially in cases of Ransomware attacks. But it seems that hackers use new methods, so that even if someone has backups, they threaten to steal the stolen data to receive the ransom they ask for.

This can be very harmful, especially for Companies and organizations.

Last year, many successful ransomware gangs added this technique, in an effort to force victims to pay a ransom.

At the beginning of 2020, only the Maze ransomware used this tactic, but as time went on 17 other ransomware groups adopted this method.

According to the report "State of Ransomware" the company's Emsisoft, there are victims of ransomware attacks who are perfectly capable of restoring their network from backups and have done so successfully. Yet they still pay ransom of hundreds of thousands or millions of dollars in Criminals of cyberspace, in an effort to prevent leaks of stolen information.

"Like legitimate businesses, criminal ones adopt strategies that have been proven to work, and data theft has actually proven to work. Some organizations have managed to use backups to recover from attacks, paid the ransom just to prevent the publication of their data", Says the report.

Ransomware attacks targeted thousands of victims last year, including government agencies, healthcare facilities, schools and universities, and private companies.

According to the report, at least 2.354 government, health and educational institutions were hit by such attacks.

Some of the victims will pay the ransom to restore it as soon as they can systems while others will refuse and spend weeks or even months trying to come back. Some restore systems through backup but pay to keep their data from being leaked.

According to Emsisoft, the total cost of the financial damage caused by ransomware attacks is in the billions.

However, while ransomware attacks are still harmful to a significant number of organizations, there are relatively simple steps that can be taken in an effort to protect against ransomware and other malware attacks.

Fishing (Phishing) remains one of the main methods of distributing ransomware, so organizations should try to make it clear to their employees the importance of being careful when opening emails and attachments and reporting anything suspicious.

Agencies should also make sure that they have developed a good correction strategy and that they have implemented the latest security updates. This prevents cyber criminals from exploiting known vulnerabilities to distribute malware.

Regularly updating backups should also be a priority, because if the worst happens and the body is attacked by ransomware, the network can be restored without having to pay a ransom.