Red Piranha's Threat Intelligence team has noted a dramatic increase in the amount of data dumps from ransomware attackers. Our latest intel indicates a total of thirteen organisations data has been dumped on the dark web in the last week.
As reported in our latest Threat Intelligence Report, Red Piranha's Security Operations team has detected that Toll Group has again been the target of cyber-criminals with another six-part data dump of over 200GB of Corporate information. This is on top of their previous ransomware attacks occurring in late January, and again in May earlier this year.
Ransomware gangs continue to develop and diversify their skillsets with the growing emergence of Ransomware-as-a-Service (RaaS) business model. Similar to software-as-a-service, ransomware developers sell or lease their ransomware variants to third-parties who use them to perform an attack on unsuspecting and vulnerable businesses including organisations such Toll Group, who were continually targeted after the initial data theft and ransom payment.
By the end of the second quarter of 2020, 22% of successful data exfiltration during ransomware attacks was observed, which is significantly higher than recorded in 2019. Red Piranha's Threat Intelligence team has predicted that this will continue to increase in 2021. Organisations can no longer rely on paying the ransom to mitigate the risk.
This recent shift in the threat landscape poses a considerable risk to organisations and underlines the importance of having a holistic security program with adaptable and predictable protection. Red Piranha's Crystal Eye XDR provides a progressive approach to security by offering a simple, unified platform which can effectively protect, detect, and respond to any cybersecurity threats.