The Maze group, which is behind the relatively new REvil/Sodinokibi ransomware, has doubled down on the malicious functionality of their malware. The ransomware now exfiltrates large amounts of live data before encrypting the victim’s systems; and the Maze group threatens to dump that data online if the victims don’t pay. Not wanting to be left behind in how much damage they can do and potential money they can extort from businesses, other cybercriminal organizations are starting to jump on this bandwagon as well, including the LockBit ransomware developers.This means that whereas before “ransomware was just ransomware” (which is a bad enough crisis for a business), now it also must be considered a potential data breach, requiring all of the costly and potentially embarrassing notifications, forensic investigations, legal costs, and disclosure involved in that process. Also, if you’re in NYS, don’t forget about SHIELD data breach notification requirements.

If you’re not already doing everything you can to prevent these kinds of attacks from victimizing your business, the potential costs of an incident have just increased exponentially. Insurance and good backups are no longer good enough to weather the business disruption of a ransomware incident.

Impacts of the new Ransomware turned Data Breach are:

• Potential exposure of trade secrets/confidential company information
• NYS SHIELD & other compliance/regulatory liability
• Damage to your company's public reputation
• Wasted time for business stakeholders dealing with the data breach
• Considerable expenses for forensics, legal, PR, and IT assistance
• Potential for exhausting cyber insurance policy coverage limits
• Crippling damage to a small business’s productivity

If you think your business is too small or low-profile to be a victim, a 100 employee CPA firm in Albany, NY was among the list of businesses exposed by this attack.

Take steps to avoid being added to the victim list before you experience an attack – ask your LMT Account Executive about our Cybersecurity Services and how we can help you better protect your business.

Stay cyber-safe!