Europe’s GDPR leveraged in new form of cyberattack dubbed a ‘ransomhack’
The introduction of the European Union’s General Data Protection Regulation law pertaining to online privacy has seen the creation of a new form of targeted cyberattack dubbed a “ransomhack.”
First described by Bulgarian security company Tad Group, a ransomhack differs from traditional ransomware in that it doesn’t hold customer data hostage but instead is aimed at releasing stolen data publicly unless a ransom is paid.
The switch in modus operandi by hackers stems from the penalties a business can face under GDPR regulations if it is found not to have adequately secured the stolen data to begin with. What constitutes adequate protection is subjective, but any company facing an adverse GDPR finding would face significant financial costs whether it agrees to pay a fine or battles it in court, often making the prospect of paying a ransom to hush up the data breach more appealing.
According to Hackread, the victims so far have been medium-sized and large Bulgarian companies that are requested to pay a ransom in an untraceable cryptocurrency. The ransoms are said to vary from $1,000 to $20,000, whereas an adverse GDPR finding can see a fine as high as 4 percent of the global annual turnover of the company in the previous year up to a maximum of 20 million euros ($23.3 million).
Interestingly, paying the ransom also carries a number of risks. As well as the hacker perhaps coming back with more ransom demands, the GDPR states that companies that have become the victim of a cybercrime must report the incident within 72 hours of confirming the breach. Failing to do so also attracts a substantial fine, meaning that if a company is caught after having paid a ransom and not having reported the breach, the cost to the company continues to rise.
Image: Tad Group