The FBI alerts that threat actors behind ransomware campaigns are attacking organizations taking part in significant financial events such as corporate fusions and acquisitions, in order to extort their targets more easily.
On Monday, the FBI issued a private industry notification alerting that ransomware threat actors would take advantage of the financial data obtained prior to attacks as leverage to pressure victims into paying the requested ransom.
The FBI assesses ransomware actors are very likely using significant financial events, such as mergers and acquisitions, to target and leverage victim companies for ransomware infections.
During the initial reconnaissance phase, cyber criminals identify non-publicly available information, which they threaten to release or use as leverage during the extortion to entice victims to comply with ransom demands.
Impending events that could affect a victim’s stock value, such as announcements, mergers, and acquisitions, encourage ransomware actors to target a network or adjust their timeline for extortion where access is established.
As mentioned by BleepingComputer, a year ago, the REvil (Sodinokibi) cybercrime group stated that they were thinking of adding an auto-email script that would notify stock exchanges, such as NASDAQ, that organizations had been affected by ransomware to impact their stock price.
In April 2021, <span