Updated ‘StopRansomware Guide’ warns of shifting tactics

CISA updated its “StopRansomware Guide” this week to reflect a changing threat landscape that has seen a shift from double-extortion tactics as attackers rely solely on data theft and leaks to pressure victims into paying.

Double-extortion, where threat actors exfiltrate and threaten to leak stolen data as well as encrypt victims’ systems, saw a significant uptick among ransomware groups beginning in 2019 because it successfully pressured organizations into paying ransoms. However, recent attacks, vendor reports and government advisories illustrate how attackers are now returning to a single-extortion approach and choosing new targets such as VMware ESXi hypervisor servers to claim victims at scale.
The transition led CISA to make the first update to its “StopRansomware Guide” since the guide was published in 2020. O …

Lees verder…….