In this first-of-its-kind Member Spotlight, MoFo Partner Alex Iftimie and former U.S. Central Intelligence Agency intelligence officer Guillermo Christensen spoke with IAPP Staff Writer Joe Duball on all things ransomware, specifically highlighting how personal data can be leveraged and how companies can better equip themselves to face attacks.
When discussing double extortion schemes Alex warns, they not only deploy ransomware in order to encrypt victims data in place, but they're also stealing data from victims and going after sensitive data in order to use it as a secondary extortion mechanism. Essentially they'll say that they will publish data and embarrass a company and harm the individuals whose data we've stolen unless you pay our ransom. What these actors realize now is their need to get around the fact that in some cases people won't pay them because they'd rather recover from backups. Now they'll steal data, so even if there are backups, the company will still be concerned about the reputational costs of this data being published online.
Read the full article.