Naming and shaming is the worst thing we can do.
In December 2019, the GOLD VILLAGE threat group that operates the Maze ransomware created a public website to name and shame victims. The threat actors used the website to dump data they exfiltrated from victims' networks before they deployed the ransomware. Secureworks Counter Threat Unit (CTU) researchers have observed several ransomware operators following suit.
Joining us in this week's Research Saturday is Alex Tilley of SecureWorks' Counter Threat Unit.