Cybercriminals Expand Attack Radius and Ransomware Pain Points

Melissa Bischoping, security researcher with Tanium and Infosec Insiders columnist, urges firms to consider the upstream and downstream impact of “triple extortion” ransomware attacks.

Melissa Bischoping Director, Endpoint Security Research Specialist, Tanium

AUTHOR: Melissa Bischoping is director, endpoint security research specialist at Tanium

When ransomware strikes, security teams and business leaders are immediately faced with a flurry of questions, including:

 “Is the vulnerability patched?”

“Does my vendor/supplier/customer’s compromise affect me too?” 

“What are the implications?” 

“How can we prevent this going forward?”

This scenario was top of mind for the American Dental Association and its 161,000+ members and associated businesses after it was attacked by the Black Basta ransomware group just last month. Initially, the ADA took multiple systems offline – a common step in incident response to reduce potential spread while investigations are underway. According to reports, the organization engaged third-party security services as well as law enforcement support and sent emails to members to keep them aware of the emerging situation.

Within hours, Black Basta began leaking stolen information which included details on financial forms as well as member data. This attack on

Read More: https://threatpost.com/criminals-expand-attack-radius/179832/