As noted in our blog at the end of 2021, ransomware continues to be a major risk into 2022, with criminals using social media sites such as Facebook, Twitter, and Tumblr - among other methods - to pressure corporate victims into paying ransom demands.

Throughout 2021, ransomware blackmailers have expanded their tactics, techniques, and procedures (TTPs) to implement double, triple and even quadruple layered extortion schemes. Such multi-layered schemes place huge pressure on victims to comply, and in recent months, numerous ransomware groups have leveraged a number of new TTPs which have then been adopted by other ransomware groups. These usually include threats of data leaks and denial-of-service (DoS) attacks if victims engage with negotiators or law enforcement.

Recently, one well known ransomware group used Facebook advertisements to publicly shame victims and subsequently rachet up the pressure for ransom payments. In one instance, the group captioned a Facebook advert:

“we can confirm that confidential data was stolen, and we are talking about huge volumes of data.”

By using social media, the blackmailers are able to publicise and taunt their targets openly, and as a result it is expected that the use of social media sites to ramp up pressure on victims is only set to increase.

As we start a new year, work with us to best prepare and protect from cyber-crime.

The NEBRC is a police-led, not for profit organisation, set up to help businesses. Contact us today for further information, training and guidance: enquiries@nebrcentre.co.uk