Ransomware groups may pivot back to encryption as data theft tactics falter

Mere data exfiltration is no longer a lucrative approach for ransomware groups, and threat actors may increasingly rely on encryption to regain leverage, Coveware notes in a new report.

Following a series of highly successful data-exfiltration-only attacks conducted by known groups such as Cl0p, other ransomware groups adopted the trend, stealing victims’ data without encrypting it.

The campaigns targeting MOVEit, Cleo, and Oracle E-Business Suite (EBS) customers are proof that the approach no longer delivers return on investment, Coveware says.

Read more at Security Week