DaVita, a prominent player in the kidney dialysis industry, has been the target of a ransomware attack recently. Fortunately, the breach has not impacted patient-related services thus far. However, there is a looming concern that the hackers may choose to release or sell the stolen data, potentially leading to a rise in phishing attacks and identity theft.
As the investigation into the full extent of the ransomware attack on DaVita’s operations continues, it is crucial to delve into the broader evolution of file-encrypting malware and its implications.
Traditionally, ransomware attacks involved encrypting files and demanding a ransom for decryption. However, this model has evolved into what is now known as “double extortion.” In this new scenario, cybercriminals not only encrypt files but also exfiltrate sensitive data upfront. If the victim refuses to pay the ransom, the attackers threaten to sell the stolen data on the dark web.
A recent trend in ransomware attacks involves data extortion without encryption. Instead of encrypting files, some attackers only steal the data and threaten to sell it on underground markets if their demands are not met. This tactic can be particularly perilous: because nothing is encrypted, no decryption is involved, and the repercussions for victims can be immediate.
The value of stolen data is determined by the type of information exfiltrated. Health, financial, and personally identifiable information (PII) are highly coveted and can command substantial prices on the dark web, ranging from $1,200 to $5,000 per dataset based on volume and sensitivity. Data sizes, varying from 1GB to 10TB, also influence the price.
To mitigate the risks of falling victim to cyberattacks, organizations must adopt proactive security measures. Best practices include maintaining multiple encrypted backups of critical data, employing multi-factor authentication (MFA) to control access, installing comprehensive endpoint protection software, configuring network firewalls to block unauthorized access attempts, educating employees on cyber threats, and exercising caution while downloading applications and clicking on links.
By implementing these precautions, organizations can fortify their defenses against cybercriminals and lessen the likelihood of succumbing to attacks.