Author/Source: Liam Tung, ZDNet
Takeaway
This article explains how cybercriminals are changing their tactics because organizations are getting better at recovering from traditional ransomware attacks without paying. Instead of just locking up files, attackers now focus on stealing sensitive data and threatening to make it public, making prevention of data theft crucial.
Technical Subject Understandability
Intermediate
Analogy/Comparison
Imagine a burglar who used to break into your home and lock all your doors, demanding money for the keys. Now, because you’ve installed better locks and keep spare keys, they instead copy your personal photos and important documents and threaten to show them to everyone if you don’t pay. What you are asked to pay for shifts from unlocking your own things to keeping your private information from being exposed.
Why It Matters
This shift in cybercriminal strategy is important because it means organizations can no longer just focus on restoring their systems from backups. They must also prioritize preventing sensitive information from being stolen in the first place. For example, a hospital whose patient records are stolen and threatened with public release faces a much more severe problem than one whose computers are merely locked, potentially leading to massive fines, loss of trust, and harm to individuals whose data is exposed.
Related Terms
Ransomware
Data Exfiltration
Double Extortion
Cyber Extortion
Incident Response
Decryption
Backup
Data Breach
DDoS Attack
Jargon Conversion:
Ransomware: Malicious software that locks your computer files and demands money to unlock them.
Data Exfiltration: When someone secretly copies or steals data from a computer system.
Double Extortion: A two-pronged attack where cybercriminals first encrypt your data (like traditional ransomware) AND steal your sensitive information, then demand payment to both unlock your data and prevent them from publishing the stolen information.
Cyber Extortion: Any situation where cybercriminals demand money or something else of value, threatening harm if their demands are not met (e.g., releasing sensitive data, disabling systems).
Incident Response: The plan and actions an organization takes when a cybersecurity attack or data breach occurs to manage the situation and recover.
Decryption: The process of converting encrypted (coded) data back into its original, readable form.
Backup: Copies of computer data taken and stored elsewhere so that it may be used to restore the original after a data loss event.
Data Breach: A security incident where sensitive, protected, or confidential data is copied, transmitted, viewed, stolen, or used by an unauthorized individual.
DDoS Attack (Distributed Denial of Service): An attack that floods a system or website with so much traffic that it overwhelms it, making it unavailable to legitimate users.

