How Criminals Are Weaponizing Leaked Ransomware DataAccenture's Robert Boyce Advises Firms to Update Monitoring and Approval Processes
Accenture's cyber threat intelligence team has analyzed the top 20 most active dedicated ransomware leak sites to learn how threat actors are posting sensitive corporate information and making the data easier to search and exploit. Robert Boyce, Accenture's Global Cyber Response Lead, explains how cybercriminals are weaponizing stolen ransomware data for follow-up attacks.
Boyce says criminals are indexing the data, making it more searchable and "doing their own analytics on that data to be able to identify really interesting business processes and identities of people within organizations."
Details such as employee names and titles, preferred vendors, the timing of payments to vendors and images of invoices are helping threat actors execute highly sophisticated business email compromise attacks against these former ransomware victims, Boyce says.
Boyce recommends organizations review their processes and increase their diligence. "Maybe put a little bit more monitoring around those processes, and … think about how to introduce additional controls like double authentication or double approval for payments, just to really try and reduce that risk just a little bit more," he says.
In this video interview with Information Security Media Group, Boyce discusses:
- How cybercriminals are using ransomware data for secondary attacks;
- The gaps in cybersecurity processes that criminals are bypassing;
- How organizations can prepare for new mandatory cyber incident reporting legislation.
Boyce provides hands-on consulting services to the Global 2000 in the areas of advanced security operations, crisis preparedness and response, and cyber defense and protection strategies. He helps clients evolve their cybersecurity programs by focusing on the threats that matter and driving secure digital transformation. He is also responsible for shaping market strategy, including offerings, innovation and investments.