← Back to BrewedIntel
malwarehighData ExfiltrationDouble ExtortionRansomware

Feb 12, 2026 • ESET WeLiveSecurity

Naming and shaming: How ransomware groups tighten the screws on victims

This article examines the 'naming and shaming' tactic employed by ransomware groups to pressure victims into paying ransoms. These groups operate dedicated...

Source
ESET WeLiveSecurity
Category
malware
Severity
high

Executive Summary

This article examines the 'naming and shaming' tactic employed by ransomware groups to pressure victims into paying ransoms. These groups operate dedicated leak sites where they publish stolen corporate data, creating prolonged reputational and operational damage beyond the initial attack. This 'double extortion' strategy forces organizations to weigh the cost of paying the ransom against the potential exposure of sensitive information, customer data, and intellectual property. The practice has become increasingly prevalent in the ransomware ecosystem, with threat actors leveraging public data exposure as an additional pressure mechanism. Organizations are advised to implement robust data backup strategies, incident response plans, and security controls to prevent initial compromise and mitigate the impact of such attacks.

Summary

When corporate data is exposed on a dedicated leak site, the consequences linger long after the attack fades from the news cycle

Published Analysis

This article examines the 'naming and shaming' tactic employed by ransomware groups to pressure victims into paying ransoms. These groups operate dedicated leak sites where they publish stolen corporate data, creating prolonged reputational and operational damage beyond the initial attack. This 'double extortion' strategy forces organizations to weigh the cost of paying the ransom against the potential exposure of sensitive information, customer data, and intellectual property. The practice has become increasingly prevalent in the ransomware ecosystem, with threat actors leveraging public data exposure as an additional pressure mechanism. Organizations are advised to implement robust data backup strategies, incident response plans, and security controls to prevent initial compromise and mitigate the impact of such attacks. When corporate data is exposed on a dedicated leak site, the consequences linger long after the attack fades from the news cycle When corporate data is exposed on a dedicated leak site, the consequences linger long after the attack fades from the news cycle

Read original source