When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
For the first time, aransomwaregang has reported one of its victims to the authorities.
The pressure on companies is growing to structure their measures in the event of successful attacks.
(Image credit: Shutterstock.com)
This is effectively a quadruple blow against the victims: thedatais encrypted, then exfiltrated and published.
The people affected end up being harassed and the company ends up being reported to the regulatory authority.
Field CISO of EMEA at Cohesity.
Why are ransomware groups choosing this new method?
The new SEC regulations go into effect on December 15th and give victims four days.
With cybercriminals now showing a willingness to self-report the breach, companies will come under even more pressure.
And more likely to agree to a ransom payment.
From a cost perspective, however, other tasks are more difficult.
The cost of clean ups far exceed the potential regulatory penalties, as the MGM case shows.
The costs of attack analysis and recovery are often higher than the legal penalties themselves.
How can organizations protect themselves?
The house is rebuilt, but stronger than before without the structural defects and the future attack is repelled.
We’ve featured the best encryption software.
The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc.
If you are interested in contributing find out more here:https://www.techradar.com/news/submit-your-story-to-techradar-pro
