Cyber attackers are evolving more sophisticated, three-pronged attacks to steal organisations’ funds, starting with data exfiltration and encryption, followed by extortion.
Forensic investigator Darren Hopkins, a partner with McGrathNicol, describes a “cyber-threat pandemic” and says threat actors will compromise a system, exfiltrate private and confidential information, then encrypt it and extort a ransom for return of the data and a decryption code.
If no ransom is paid, they auction the data on dark web marketplaces.
“A surge in revenue means threat actors can invest in research and development of new tools to evade detection and bypass security systems,” Mr Hopkins told a webinar hosted by underwriter Emergence Insurance.
Attended by more than 1800 brokers and their clients, the Emergence webinar heard that the attackers are now likely to be organised crime or state sponsored, rather than sole operators. These threat actors engage in professional business correspondence with victims, negotiating deals and spelling out the business risks.
In one case investigated by McGrathNicol – which is a member of cyber specialist Emergence’s incident response team -…