Data Activist Group Publishes Exfiltrated Ransomware Data Previously Available Only on the Dark Web
A small group known as Distributed Denial of Secrets, or DDoSecrets, works to make data stolen as part of ransomware attacks available to journalists.
The idea of your organizations data being published on the dark web is a scenario every organization wants to avoid. Bad guys with access to company secrets, customer data, and personal information never adds up to something good. It’s the reason this tactic is so influential on ransoms being paid today.
Most often, when ransoms haven’t been paid, data was published on a site available on the Dark Web. Maze took some of their plundered data and posted it to a publicly-viewable website on the Internet.
But the most recent development in the area of extorted data being published comes from DDoSecrets, a data anti-privacy group that has taken over a terabyte of data from organizations covering industries that include pharmaceuticals, manufacturing, finance, software, retail, real estate, and oil and gas, and posted the data to a publicly-accessible website.
Their goal is to make those very same corporate secrets that are already published on the dark web available to the world. According to a Wired story about DDoSecrets, their cofounder Emma Best seemed to hope the data would contain evidence of corporate malfeasance or perhaps intellectual property that could be used to “serve the public good”. It’s evident from the article, DDoSecrets is an activist group and an agenda to share data, no matter whether it may hurt corporations.
It was already evident that your organization cannot afford to be the victim of a ransomware attack. But with new players appearing like DDoSecrets with additional agendas of how to use the published data that can be just as harmful, you know it’s now imperative to put as much defense in place to stop ransomware attacks from being successful in your organization.