Every day, there are 1.7 million ransomware attacks, or 19 ransomware attacks every second. Worldwide, there were almost 236,7 million ransomware attacks in the first half of 2022.
By 2036, ransomware is predicted to cost its victims almost $265 billion (USD) a year. The crime itself is not receding and yet something shady came on the surface.
BlackCat’s Bold Move
The group ALPHV, also known as BlackCat, has reported their own crime to the US Securities and Exchange Commission (SEC) after a digital lending company, MeridianLink, failed to report a security incident.
To accomplish particular objectives, cybercriminals employ psychological operations, or PsyOps, to influence a target’s perceptions, emotions, reasoning, and behavior. Hence, this move is considered a novel extortion strategy.
The attack unfolded with ALPHV conducting a successful ransomware attack on MeridianLink and then filing a complaint with the SEC. By doing so, ALPHV aimed to pressure the company into meeting its ransom demand within a tight timeframe.
Screenshots of the SEC complaint were included in a blog post on ALPHV’s leak site, revealing a disturbingly candid approach.
MeridianLink responded by downplaying the attack’s impact and questioning the legality of the SEC reporting rule. The company claimed minimal business interruption and questioned the applicability of the new SEC reporting rule, which takes effect on December 15.
Ariel Parnes, Mitiga’s co-founder and COO, believes that the SEC rule has encouraged attackers to adopt PsyOps, which is a tactical approach used to influence a target’s ideas, feelings, perceptions, and actions in order to achieve specific objectives.
It is predicted that in the upcoming months, there will be more activities similar to the recent activity of ALPHV/BlackCat against MeridianLink.
How to move forward?
Companies must have plans to combat misinformation, handle psychological pressure tactics, and effectively respond to security incidents. However, it could be argued that reporting the incident in the first place is always simpler.
The SEC should establish a definitive position regarding ransomware groups self-reporting their criminal activities, and it would be advisable for them to actively discourage such behavior. Encouraging transparency and accountability should be a priority to ensure the effectiveness of regulatory measures.
Aggressive and bold organizations like ALPHV do not seem to hesitate to report their own crimes or consider the risk of exposure high.
To tackle the extortion scam, organizations can use transparency. This means having strong security plans, always being ready to respond to security incidents, using trustworthy systems, and making sure everyone is trained properly.
While the SEC should find ways to discourage ransomware gangs from filing complaints, companies can easily bypass this extortion scam by simplifying reporting the security incident when legally compelled to do so.
Stay Informed! Stay Secure!
It is imperative that we remain vigilant as we move across the increasing wave of cyber threats. With millions of ransomware attacks happening every day, the recent tactics of groups like ALPHV highlight the need for a proactive defense.
Cybersecurity is an ongoing effort, and each incident provides a lesson. You can prevent yourself from being vulnerable to new threats by promoting openness, having strong security plans, and ongoing training.
Marrium Akhtar
November 28, 2023
5 months ago
