
    New Ransomware Variant Brings with it the Dawn of the Era of “Quintuple-Extortion”


    A ransomware gang with a new variant is trailblazing us towards the future of ransomware by making threats that go well beyond the simple ransom transactions of yesterday.

    First we had plain old ransomware – hold your data hostage and ask for a ransom. Then came the double extortion, where data was exfiltrated and a threat was made to publish it if the ransom wasn’t paid. Then REvil and others began to offer an additional service where customers, partners, and the press were called if the ransom wasn’t paid. Then came DDoS attacks (to keep a victim from being able to communicate about their response to the attack) as a fourth mode of extortion.

    And now, according to security researchers at Symantec Threat Hunter Team, a new ransomware variant – dubbed Yanluowang – includes an additional threat. Once infected, victims are instructed not to contact law enforcement or ransomware negotiation firms. If the attackers’ rules are not followed, Yanluowang says they will not only start distributed denial of service (DDoS) attacks against the victim organization, as well as make “calls to employees and business partners,” but also add on a fifth form of extortion – threatening to repeat the attack in a few weeks and simply delete all the victim’s data.

    I fear this is only going to get worse; threat actors merely need to figure out additional ways to further put pressure on organizations once ransomware has infiltrated a network in order to turn this 5-time extortion game into something so unbearable that organizations will have no choice but to pay the ransom.

    The silver lining here is no ransomware of late has figured out a way to deploy itself beyond the big three initial attack vectors: vulnerabilities, remote desktop access, and phishing. Security Awareness Training takes care of phishing, by recruiting users to play a role in the organization’s security through constantly being vigilant when interacting with email and the web. Vulnerabilities require patching at a minimum and vulnerability management for more mature organizations. And remote desktop services – c’mon you know those should just be turned off and traded in for a SASE solution.

    Ransomware *is* going to continue to get worse. Prepare accordingly.


    Free Ransomware Simulator Tool

    Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

    KnowBe4’s “RanSim” gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 22 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.


    Here’s how it works:

    • 100% harmless simulation of real ransomware and cryptomining infections
    • Does not use any of your own files
    • Tests 21 types of infection scenarios
    • Just download the install and run it 
    • Results in a few minutes!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/ransomware-simulator-tool-partner?partnerid=001a000001lWEoJAAW
