According to data provided by Emsisoft, a cybersecurity firm, the Maze hacker group has already started publishing some of the data stolen from law firms. Two of the five companies were hacked in late January.
The hackers published data on two websites. Maze first releases the name of the hacked companies on its website and, if they refuse to pay, distribute a small portion of the stolen data as evidence. Gradually, the group continues to publish confidential data, and when the firm pays a ransom, hackers delete all information from its website.
Emsisoft threat analyst Brett Callow said that "the group also published data on Russian hacker forums marked 'Use this information in any malicious way.' Therefore, he believes that hackers will release more data if hacked firms do not pay. paying the ransom does not guarantee a solution to the problem:
It seems highly unlikely that criminals will delete data that they can monetize later
Callow explained that ransomware groups started stealing data in late 2019 instead of just encrypting it. Now, cybercriminals are also threatening victims with publishing sensitive data to extort payments. He said that " groups of hackers stole and published data from law and accounting firms (including customer information), medical organizations and medical testing laboratories (including patient information), and insurance companies."
Callow spoke about the possible profits of the ransomware. He explained that Emsisoft received more than 200,000 extortion claims last year, and he estimates that this represents about 25% of the total number of such cases. Thus, in 2019, at least 800,000 attacks were carried out. On average, hackers require about $ 80,000, respectively, in the past year, ransomware could earn up to $ 64 billion.
According to callow, since they began stealing sensitive data, this "may lead to more stringent legislative measures against hackers, web hosts, and cryptocurrency exchanges." He said:
Such legal actions and the fact that incidents lead to the disclosure of sensitive data are likely to increase people's awareness of such cases. In turn, this may lead to the fact that the public will consolidate the opinion about cryptocurrencies as tools of criminals, which will harm the image of the industry
Proofpoint, a cybersecurity company, recently reported that in 2019, more than half of all public and private organizations in the United States were exposed to virus attacks and phishing. Also, new York state senators have prepared a bill that proposes to prohibit the payment of taxpayer money to hackers who distribute viruses and demand ransom in cryptocurrencies.