- Rainsmare attacks often include more than secreting files
- In many cases, the attackers threaten the victims of torture
- They also enter reports with SEC
When it comes to results, the Ranksware groups appear to be disappointed, as in addition to encryption and leak on the web, they have also begun threatening the CEO with physical violence.
Researchers at CyberScureti, Simpress, claimed to have been physically risking the CEO of the affected company during the last 12 months, which increased by 46 % in US -based organizations.
But even paying may not be enough, because more than half (55 %) organizations found in this research who have paid the demand, almost a third of these firms pays (29 %) three or more times, and 15 % were not sent, or did not receive the corridor keys.
You can like
Physical torture
Simpress found that the threat to file a regulatory complaint also appears to be a popular plan. This was seen in 47 % of the attacks, which increased to 58 % in the United States.
In 2023, the notorious Black Kate Rensamware Group reported one of its victims to the SEC to report the rising regulatory requirements around the cyber event, including a four -day SEC disclosure principle for publicly traded companies.
Rainsmare has been going on for more than a decade, and has been manufactured several times in the meantime. It started with only encryption, whose companies quickly reduced the offline backup of all important data.
The culprits then stole the figures first, and threatened that until the payment was made. This strategy, known as “double extortion”, works better instead, in fact that some criminals completely abandon the encryption section and focus on stealing only files.
However, many companies refuse to ring, and force criminals to even greater.
In some cases, they connect the backbone encryption with the DDOS, the DDOS, in the front end, which stops the entire business. Phone calls were also seen in a couple of cases to the affected organizations, and now, we can add physical risks to this compound.
Mikey Bresman, CEO of Sampress, noted, “Although some conditions can leave the company in a non -electoral situation, we must acknowledge that this is a payment of the next attack.”
He commented, “Each dollar handing over the Ranksware groups has fuel their criminal economy, and encouraged them to strike again. The only real way to break the Ranksware is to invest in flexibility, which will create a ransom.”
