By posting victim’s nudes, ransomware gang crosses new red line

A gang has posted naked photos of a woman found during a ransomware attack on their site. This event is a new red line crossed by cybercriminals.

This is sad news relayed by Motherboard. A gang posted naked photos of a woman on their site, which they allegedly found on their victim’s computer system during a successful ransomware attack.

We are not talking about a sextortion operation – a sub-genre of cybercrime involves blackmailing the disclosure of nude or sexual photos – that would have gone wrong. In this case, the victims are individuals, the sum requested amounts to ‘only’ a few hundred euros and above all, the thugs often bluff.

Cybercriminals’ sense of impunity drives them to ever more atrocious actions. // Source: Louise Audry for Numerama

In the case spotted by Motherboard, the publication of the nudes is orchestrated by a ransomware gang. This kind of organization works like a business, and reflects its actions. Powerful, these groups can now attack the world’s largest companies, demanding ransoms in the tens of millions of dollars.

Cybercriminals allow themselves ever more serious actions

Until 2017, ransomware was content to encrypt the network of its victim, and to monetize the unlocking for ransom. Cases of casualties among large corporations were relatively rare, whereas they are almost daily today. Now, the vast majority of gangs have a blog dedicated to victim data breaches. Data that they steal before encrypting the network. So even if the company decides to go through a painful restore of its computer network from backups rather than paying the ransom, it will also have to take the threat of data publication into its calculation.

Usually, cybercriminals publish strategic company documents (the source code of video games for example) or client files (like the files of this law firm). This disclosure is done gradually with updated ultimatums depending on the progress of negotiations between the thugs and the victim.

As if this double threat were not enough, cybercriminals are constantly pushing the ethical boundaries of their manipulations: some launch DDoS attacks to paralyze the recovery of victims, others print the ransom note on all the photocopiers connected to the network. The criminals go so far as to harass the victims who refuse to pay via call centers, they threaten to speculate on the downside on the shares of the victims listed on the stock exchange or they engage in smear campaigns on social networks. .

Soon the end of impunity?

In March 2021, a group even threatened to reveal the file of pornographic videos of the IT manager of the victim company. The publication of naked photos is, however, a new red line that cybercriminals have just crossed: the cyberattack touches the intimate while it should only attack the professional framework. This is proof of a certain feeling of impunity on the part of criminals. It also shows that for some of them, all means are good to make the victim pay.

Fortunately, international authorities are starting to tackle this problem, led by the United States. Earlier this year, the Biden government rolled out a dedicated ransomware response plan. The president himself confronted Russia over its laissez-faire cybercriminal activity after the successive attacks on Colonial Pipeline and JBS. Last weekend, the G7 countries supported this speech and also confronted Russia, the last bulwark against the arrest of certain cybercriminals. To see if these declarations will be followed by actions, to change the fear of camp.

Related Articles