How Cybercriminals Use Sales Best Practices in Ransomware Attacks
Security for Everyone
As most of the businesses utilize different tactics to gain more customers in order to maximize their profit nowadays, so does the cybercriminals. Ransomware is the key product of cybercriminals forcing individuals, companies and organizations to pay for getting something i.e. the decryption keys to their valuable and sensitive information or data. With the increasing security protocols and people becoming more careful and vigilant, cybercriminals have also improved themselves. They do not blindly attack any person or business but utilize the best sales practices as opted by traditional businesses. The business strategies followed by cybercriminals are actually proving to be successful as the average ransom asked by the hackers have almost doubled to around $178,000 as compared to around $84,000 in 2019. Moreover, around 58% of the attacked businesses pay the ransom so the hackers or cybercriminals are earning good and their attacking techniques are proving legitimate and successful. A thought may develop about their mode of action; following are the major tactics of sales department, which are now widely adopted by cybercriminals for ransomware.
Market research and prospecting:
Normally every salesperson or a marketing manager work on prospecting and reconnaissance and this is what cybercriminals closely follow. In the current times, cybercriminals do not attack randomly on every business they find vulnerable for ransomware rather now they specifically do some market research. Cybercriminals use different platforms like Twitter, LinkedIn and Facebook to find out which target may cash out better and which one of them is more likely to pay ransom, as their data may be valuable and sensitive. Same like a corporate business, cybercriminals perform their homework, plan out everything and then hit a specific target making sure that they will end up paying the money.
Leveraging through pitching campaigns and social engineering:
From limited stock, flash sales and product launch to coupons and Christmas discounts, every business uses different campaigns to target emotions of the people so they can buy their products. Cybercriminals also utilize different strategies from social engineering to take advantage of the people. Employees and workers will not be interested in a spam email, so cybercriminals use blackmailing, similar brand names and emails of employers to lure employees to click on the malicious link in the emails. Most of the individuals deliberately and unknowingly fall a victim to these phishing emails and give the hackers an access to their system. Hackers then look for critical data that can be exploited and used against companies or individuals to demand ransom.
Negotiations and offering trials:
Just like a legitimate business, cybercriminals also offer samples in order to turn their potential customers into buyers. Cybercriminals now use the best marketing practices of offering trial versions as they offer victims and business to decrypt a part of their data or they offer keys which give the victims access to a certain portion of the data. This shows that they actually have the solution to the encrypted data and provide a guarantee to the people who are attacked through ransomware. Moreover, just like professional marketers and salesperson, cybercriminals now also continue to negotiate on the price or ransom they have demanded. Cybercriminals know that it is better to make something instead of going empty handed after an attack. Therefore, these criminals instead of directly leaking the data online try to negotiate with the business under attack to pay a relatively lower price than what they demand. This shows that sales practices not only work for business but they are helpful for cybercriminals too.
References
control security posture