In an interview with Melissa Bischoping, the security researcher with Tanium and Infosec Insiders columnist warns of the increasingly popular trend towards triple extortion ransomware attacks. The multi-faceted approach beyond ransomware and the primary victim is a significant concern for organizations and their members, says Bischoping. Secondhand victims such as dental practices, insurance providers, and telecommunications companies could be potential targets pursued using data obtained during the primary ransomware attack. One such example is an attack in May of last year on Ireland’s public health system, the Health Service Executive. When the main service was breached, multiple hospitals connected to the public health service suffered from outages, financial losses, risks to patient data safety, and barriers to access in care.
The increase in the number of attacks that leverage this method paint a worrisome picture about the growing impacts of ransomware attacks. The vast majority of threat actors are looking to maximize payouts and potentially steal valuable data to sell or use for other purposes. Now that they are increasingly using this information to target and extort the customers of its primary victim, organizations should remain extremely diligent in their cybersecurity measures.
Read More: Cybercriminals Expand Attack Radius and Ransomware Pain Points