Several cyber attackers have been weaponizing personal data as a means to pressure targets into paying a ransom, a recent report by cybersecurity provider Sophos said. According to Sophos, business owners and employees have suffered data breaches and other forms of blackmailing by cybercriminals, including threats of exposing illegal business activities and forcing workers to pursue litigation against their employers. “Ransomware gangs are becoming increasingly invasive and bold about how and what they weaponize.
Compounding pressure for companies, they’re not just stealing data and threatening to leak it, but they’re actively analyzing it for ways to maximize damage and create new opportunities for extortion,” Sophos Threat Research Director Christopher Budd said. The ransomware groups have allegedly performed different methods of cyber extortion that can be found on the dark web, which sought to “manipulate narratives” by blaming ransomware attacks on business leaders they target. In the report titled “Turning the Screws: The Pressure Tactics of Ransomware Gangs,” Sophos showed that the cybercriminals have published a photo of a business owner with devil horns, along with their social security number.
The cybersecurity provider also found other posts by hackers revealing their schemes to defame workers by stealing data that could be used as “leverage” if companies refuse to pay. Ransomware group Monti, for instance, caught an employee searching for child.