“As the lead federal investigative agency fighting cyber threats, combating cybercrime is one of the FBI’s highest priorities,” the agency said in a statement. “We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice. A cyberattack on one is an attack on us all.”
REvil/Sodinokibi sits atop all other ransomware groups, with a 12.5% share of the ransomware market -- and it’s been a busy bunch too. So far this year, it claimed that it stole unencrypted data from electronics company Acer, pilfered information from the celebrity law firm that represents Lady Gaga and Madonna, and made off with plans for upcoming Apple products.
Consumers are safe… for the moment
When a business is hacked, its customer database is usually part of the theft. Take, for example, the attack on Marriott hotels that exposed the personal details of 500 million hotel guests.
While consumers used to be easy targets for ransomware groups, one cybersecurity expert says cybercriminals tend not to go after the general population as much anymore because it’s just not that lucrative to do so.
“Consumers are more trouble than they are worth,” said Dick O'Brien, principal editor at Symantec, who authored a special report on targeted ransomware. "A lot of the consumers these days do not use computers that much, and ransomware is designed to infect Windows computers—they are not in the firing line, as much as enterprise users. Enterprises are—I would not say an easier target, but there are more possibilities for a compromise with them."
Ransomware still impacts consumers
ConsumerAffairs reached out to Purandar Das, co-founder at data security platform Sotero, to find out what trickle-down effect ransomware might have on consumers.
“The recent wave of escalating cyber and ransomware attacks on organizations will and is resulting in significant impact to the consumer. Most of what is being discussed and being written about is the operational impact to the organization. What is less understood and discussed is the impact to consumers and individuals,” Das told ConsumerAffairs.
“Whether it is the Solarwinds attack or the more recent attacks on the energy pipeline and now the meat processing industry, they will and are resulting in significant impact to the consumer.” How? Das says that even in the short term of those cyberattacks, consumers faced gas shortages and price increases.
“These are indicative of the disruption that these attacks could cause. Also of concern is the possibility of data theft in any or all of these attacks. While it is not clear, at the moment, if any data has been stolen, stolen information would increase the possibility of consumers facing increasing identify related crimes as well as their personal information being held hostage,” he said.