Ransomhack: A New Form of Cyberattack Emerges

Cyberattacks written on translucent black space

A new method of hacking for ransom has emerged in Europe following the implementation of the data protection law, GDPR.

Hackers can always be expected to come up with brilliant ideas to exploit vulnerable sections of society.

Right now in Europe, businesses are increasingly concerned about hackers using a new privacy law to extract ransom from them.

This new game called “Ransomhack” is being reported where hackers would break into a company’s servers, steal private data and then send a ransom note with the threat that non-payment would result in the data being posted on a public platform.

This would further result in the company being hauled up under General Data Protection Regulation (or GDPR), the European Union’s new law on data security.

GDPR states that any company found to be lacking adequate security to the data residing on their servers could be punished with very heavy fines. Businesses are naturally mortally scared of being accused of violating these regulations.

Strict Law and Heavy Penalties

As mentioned, companies or organizations that collect data—particularly of individuals with the assurance that they will not disclose them to any third party—must have the appropriate security systems in place so that the data is secure and not vulnerable to cyberattacks or data theft.

If any such violation is reported, then they can be asked to pay up to €20 million. The penalty can even be computed on the basis of the annual turnover of the offending organization—possibly amounting to 4 percent of that figure.

These are amounts any organization would find very difficult to part with. They would rather spend a fraction of the cost to enhance the security of their servers to prevent any form of cyberattack.

It is this threat that the hackers are exploiting through Ransomhack.

Bulgarian Group Reports Hack

The information on this new form of cyberattack has come from industry experts at Tad Group, a Bulgarian security firm.

In any normal hack or ransom attack, the attackers would make a jailbreak and quickly encrypt the files and demand a ransom to decrypt the data.

The data would be sitting on the victim’s server and once the payment is transferred, the data would then get released.

But in the case of Ransomhack, the hackers are telling the victims that if they don’t pay the ransom, they would disclose the data to the outside world—meaning the authorities will be notified of the GDPR violation and the resultant penalty.

According to reports, the ransom being demanded ranges from $2,000 to around $20,000. The victims are being directed to pay the ransom in cryptocurrency, as has been the norm with hackers in recent times.

It gives them the cushion of not being traced even if investigators try to locate them through the payment trail.

Apart from Tad Group, many companies in Bulgaria are also reported to have suffered in the hands of these hackers ever since the GDPR came into effect.

Hacks Not Unexpected—Measures to Prevent Ransomhack

A hacker or cracker tries to hack a security system to steal or destroy critical information. Or a ransom of important information of the company.

Hackers can always be expected to come up with brilliant ideas to exploit vulnerable sections of society.

Interestingly, leading cybersecurity firm Trend Micro had already foreseen in its 2018 Security Predictions report that hackers would exploit vulnerabilities using the GDPR threat for ransom.

They had even partly predicted the modus operandi that the hackers would employ, quite similar to what is being reported by Tad Group now.

While there may not be a foolproof method to stop or prevent cyberattacks like Ransomhack, there are many steps that the system administrators can take to protect their data.

One of the suggestions relates to conducting penetration tests. These tests are conducted by leading cybersecurity agencies.

They’re not very different from the mock drills that some law enforcement agencies regularly conduct to check if their systems respond appropriately.

Here, a typical Ransomhack-like attack is mounted to check the efficacy of the anti-malware system installed in the server; the test will attempt to steal data as a typical outside hacker would do, but with prior knowledge of the owner of the data.

In addition, organizations that employ a large number of people may have to conduct tests to ensure their employees are above board.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.