DaVita, a major player in the kidney dialysis industry, has recently fallen victim to a ransomware attack. Fortunately, there have been no reports of the breach affecting patient-related services as of now. However, the situation could become more concerning if the hackers choose to release or sell the stolen data. If that happens, it could lead to a surge in phishing attacks and identity theft.
While the full impact of the ransomware attack on DaVita’s operations is still under investigation, it’s important to understand the broader evolution of file-encrypting malware and its implications.
The Shift to Double Extortion
Traditionally, ransomware attacks involved encrypting files and demanding a ransom to decrypt them. Over the past few years, this model has evolved into what is now called “double extortion.” In this scenario, cybercriminals not only encrypt files but also steal sensitive data up front. If the victim refuses to pay the ransom, the attackers threaten to sell the stolen data on the dark web.
A New Trend: Data Extortion Without Encryption
In recent times, some attackers have shifted focus entirely. Rather than encrypting files, they simply steal the data and threaten to sell it on underground markets if their demands aren’t met. This tactic is especially dangerous as it bypasses the need for decryption and can have immediate consequences for victims.
The Value of Stolen Data
The type of data stolen plays a critical role in determining its value on the dark web. Health, financial, and personally identifiable information (PII) are highly sought after and can fetch hefty prices, anywhere from $1,200 to $5,000 per dataset, depending on the volume and sensitivity of the data. Datasets can range from as little as 1 GB to as much as 10 TB, which further influences the price.
Protecting Your Organization from Data Extortion
To mitigate the risks of becoming a victim of such cyberattacks, businesses and organizations must take proactive security measures. Here are a few best practices:
Back Up and Encrypt Data: Maintain multiple encrypted copies of critical data, preferably off-site, to ensure you can recover without relying on a ransom payment.
Access Control: Use multi-factor authentication (MFA) to restrict access to sensitive information, adding an extra layer of protection.
Endpoint Protection: Install and maintain comprehensive endpoint protection software to guard against malware and other threats.
Firewall Configuration: Ensure that your network firewall is correctly configured to block unauthorized access attempts.
Staff Training: Educate your employees on current cyber threats, including phishing and social engineering tactics, to reduce the risk of falling victim to attacks.
Safe Application Practices: Only download applications from trusted sources, and avoid clicking on suspicious links or attachments from unknown senders.
By taking these precautions, organizations can better safeguard their data and reduce the risk of falling prey to cybercriminals.