HardBit Gang Entices Ransomware Victims to Defraud Insurers

Date:

February 21, 2023

World map

The HardBit ransomware gang has introduced a new tactic – the effectiveness of which is yet to be seen – where they instruct victims to provide details of their cyber insurance coverage so the attackers can properly set the ransom demand.

“The hackers tell victims to anonymously provide them with the details of their cyber insurance <sic> so that they can set the ransom amount accordingly,” according to SecurityWeek. “The HardBit operators say they do not want to demand more than what the victim can recover from the insurance company, but they also don’t want to be offered a low amount by the insurer’s representatives.”

Takeaway: While the HardBit ransomware gang might appreciate a victim providing details of their cyber insurance coverage in an attempt to maximize potential profits, for victims, this offer to conspire against insurers is extremely ill-advised, and for obvious reasons. 

Not only would colluding with attackers likely nullify any and all coverage under the terms of the cyber insurance policy, but the organization and those involved in the collision could also be subject to severe legal repercussions. 

Even good-faith negotiations with attackers to set a ransom amount and terms for payment would face intense scrutiny by any insurer, law enforcement, and/or regulators. Furthermore, any payment to ransomware operators who may be under international sanctions restrictions could land an organization and its leadership in serious trouble.

No organization should ever entertain any offer of collusion with attackers. By doing so they would expose their organizations to a degree of legal jeopardy that simply is not worth contemplating.

Halcyon.ai is the industry’s first dedicated, adaptive security platform that combines multiple advanced proprietary prevention engines along with AI models focused specifically on stopping ransomware – talk to a Halcyon expert today to find out more.