With few options, companies pay hush money to data thieves

There’s a disturbing new angle to cyberattacks that has become more common over the last year, and it is proving costly for organizations: extortion.

Over the last year, companies have at times paid more than US$1 million in hush money to cyberattackers who have stolen their sensitive data and threatened to release it online, said Charles Carmakal, a vice president with Mandiant, the computer forensics unit of FireEye, in an interview on Wednesday.

“This is where a human adversary has deliberately targeted an organization, has stolen data, has reviewed that data and understands the value of it,” Carmakal said. “We have seen seven-figure payouts by organizations that are afraid for that data to be published.”

To read this article in full or to leave a comment, please click here

Read more: With few options, companies pay hush money to data thieves

Story added 25. February 2016, content source with full text you can find at link above.