Analysts consider that ransoms demanded by hackers affect the reputation of cryptocurrencies
Hackers stole encrypted data of 5 Law Firms of the United States and now demand 100 bitcoins (BTC), over $933,000, ransoms from each firm. These hackers ask for the money to restore access to the data and delete the copy of the information instead of selling it.
Two of the five law firms were hacked in less than 24 hours. The group of hackers responsible for that crime is known as Maze. According to the cybersecurity firm Emsisoft, the hackers started publishing part of the data stolen from the five US law firms.
The hackers also published the data on two websites. The Maze group names the hacked companies on its website and, if they do not pay, Maze publishes a small part of the stolen data as proof they have the information.
Maze keeps releasing increasingly sensitive parts of the data over time if the law firms do not pay. When a firm pays, the group removes its name from the website.
Brett Callow, a threat analyst from Emsisoft, said that “the group has also published data in Russian hacker forums with a note which said ‘use this information in any nefarious ways that you want’”.
Because of this, the expert believes that more data will be published unless the hacked firms pay. He also explained that, probably, the hackers won’t delete the information even if the law firms pay.
“It seems highly unlikely that a criminal enterprise would delete what it may be able to monetize at a later date”, Callow commented.
Modus Operandi
Callow explained that ransomware groups started stealing data at the end of 2019. Now, cybercriminals are also threatening the victims. The hackers say they will publish the data to extort payment.
He said that “the groups have stolen and published data from law firms (including client information), accounting firms (including client info), medical practices and medical testing labs (including patient info) and insurance companies”.
Callow also gave his opinion regarding the ransomware economy. He explained that Emsisoft had over 200,000 ransomware submissions last year.
For this reason, he estimates that Emsisoft has 25 % of the total ransomware cases, which means almost 800,000 cases of this type in 2019. The average demand is now over $80,000, so the total ransom demanded last year according to his estimates added up to $64 billion.
Finally, Callow explained that as ransomware started stealing particularly sensitive data, it is “likely to result in more legal actions being taken against ransomware groups, web hosts, and currency exchanges”.
The expert also said: “Legal actions such as these, as well as the fact that the incidents result in very sensitive data being exposed, is likely to raise the profile of ransomware cases. In turn, that could result in the public thinking cryptocurrency is ‘just for criminals’, making it harder for crypto to become more mainstream”.
A Texas-based data center provider considers that these rescues remain the main threat to cybersecurity.
By María Rodríguez
