A new report from Sophos, a cybersecurity company, has highlighted alarming tactics employed by ransomware groups to pressure their targets into paying ransoms. The report, titled “Turning the Screws: The Pressure Tactics of Ransomware Gangs,” reveals that cybercriminals are now weaponising stolen data to exert additional stress on victims who refuse to comply.
According to the findings, ransomware gangs are not only stealing sensitive information but are also using it to threaten those associated with targeted companies. This includes sharing personal details or even doxing family members of CEOs and business owners. The report underlines a disturbing trend where attackers threaten to report any illegal activities they uncover in the stolen data to authorities, further escalating the pressure on their victims.
Sophos X-Ops, the team behind the report, uncovered numerous posts on the dark web where ransomware groups describe their targets as “irresponsible and negligent.” In some cases, they encourage victims, whose personal information has been compromised, to pursue legal action against their employers. This strategy aims to shift blame and control the narrative surrounding the attacks, intensifying the pressure on companies to comply with ransom demands.
Christopher Budd, director of threat research at Sophos, emphasized that these tactics have become more aggressive. For instance, some attackers have posted photos of business leaders with derogatory captions, alongside sensitive personal information. In one instance, they even encouraged employees to seek compensation from their employer, thereby creating internal conflict and further pressuring the company.
The report also highlights that ransomware groups are analysing stolen data to find leverage points. For example, one group noted that they could use sensitive information, such as an employee’s past criminal activity, as leverage against the company if they refused to pay. This indicates a shift towards more sophisticated and invasive extortion methods.
The report also reveals that criminals are targeting increasingly sensitive data, including medical records and personal information related to mental health. In one case, a ransomware group released details about a CEO’s daughter, further showcasing their willingness to inflict harm on personal lives to achieve their goals.
