Creative Ransomware Extortion; Further Malware Capabilities With ChatGPT

The Blackcat-Western Digital Ransomware Cyberattack Serves a Good Example of How Extortion Techniques Will Change Risk And Impact For Targeted Victims

Threat actors were able to tap into webcams of employees at Western Digital meetings and threatened to release the media they captured. No further indication was given of what the stolen media possibly shows. The point demonstrated in the latest evolution of ransomware syndicates is an increased focus now to extort victims via new creative means that don’t involve any data recovery.

With techniques similar to the Western Digital-Blackcat cyberattack, threat actors are increasingly leveraging victim data in new ways to damage personal or group reputations. This more personal technique will be further explored by new and current major ransomware syndicates, like Blackcat, in new creative ways to maximize pressure on organizations to pay. (1) This technique is likely to see significant adoption among ransomware syndicates because it shifts the risk calculation to victims beyond simply time and money.

The downside of this development for security professionals is that the evolving cyberattacks may become more difficult to predict once the threat actor breaches the network. Security professionals are accustomed to modeling ransomware by focusing on high-value intellectual property as it relates to vital proprietary data. Threat actors may less often seek out high-value companies, and may now instead shift to targeting vulnerable or risk-averse individuals. IT security will not likely be able to anticipate new creative use cases for data -that ransomware syndicates are now hunting- which were not previously considered.

*** This is a Security Bloggers Network syndicated blog from EclecticIQ Blog authored by Aleksander W. Jarosz. Read the original post at: https://blog.eclecticiq.com/creative-ransomware-extortion-and-further-malware-capabilities-with-chatgpt