The Data That Ransomware Attackers Covet Most

Double-extortion attacks, where gangs steal information and threaten to publish it if a payment isn’t received in addition to encrypting data and demanding a ransom for the decryption key, have become routine. The dual MO forces victims to pay up, even in cases where data could be restored from offline backups. According to an analysis, there are certain industries and types of data that criminals target regularly, because those sectors are most vulnerable to double-extortion using that specific data. Financial services is the favorite target, with more than 80 percent of attacks threatening to expose customer data. The cyber-criminals are well aware that publishing sensitive customer information would undermine consumer trust in financial services. Health and pharmaceuticals are another big target, with the threat of exposing internal finances, accounting data, and patient information as leverage. The article referenced above includes security suggestions.