Chris Ensey writes that as entities try to defend themselves better against ransomware, criminals have come up with a new twist to make it more likely for their victims to pay up:
Many companies have figured out that they can avoid paying these ransoms by wiping a system clean, restoring it with backup drives, and going about business without being held hostage. But as a result of increased ransom-avoidance, cybercriminals have created an even more insidious threat. Imagine malware that combines ransomware with a personal data leak: this is what the latest threat, doxware, looks like.
With doxware, hackers hold computers hostage until the victim pays the ransom, similar to ransomware. But doxware takes the attack further by compromising the privacy of conversations, photos, and sensitive files, and threatening to release them publicly unless the ransom is paid. Because of the threatened release, it’s harder to avoid paying the ransom, making the attack more profitable for hackers.
Read more on Dark Reading.