The FBI has released a warning advising businesses to be wary of a recent increase in DoppelPaymer ransomware attacks and inform potential targets of changes in tactics. The DoppelPaymer operators are allegedly cold-calling victims with threats to pressure them into paying ransom demands. The attacks have targeted US infrastructures such as healthcare, emergency, and education services. In Germany, the threat actor group disrupted operations at a hospital in September while another attack within weeks compromised its emergency call center and blocked officials from accessing dispatch systems.
The warning was issued as a PIN, a private industry notification that aims to keep the private sector informed on ongoing security threats. DoppelPaymer has been operating for just over a year, with its operations traced back to the summer of 2019. Since then it has wreaked havoc on a range of industries and targets with hefty ransom demands and destructive attacks. DoppelPaymer operators are one of the first threat actor groups to use this tactic to pressure victims into paying. The intimidation and threats via phone calls are designed to scare the victim into giving up the money.
Read More: FBI Warns of DoppelPaymer Attacks on Critical Infrastructure