Physical threats: The new ransomware tactic
- Cyberpeace Tech
- Aug 5
- 3 min read
In recent months, an alarming trend has been identified in ransomware attacks: cybercriminals are no longer content with encrypting data or paralyzing systems; they are now also threatening to cause physical harm to employees of affected companies and their families.
This worrying shift was revealed by a survey of more than 1,000 cybersecurity and IT professionals.
Although many organizations continue to face traditional threats such as system lockouts or data destruction, 40% of respondents now report having received threats involving physical violence.
The case of ALPHV, a group known for this type of extortion, exemplifies the seriousness of this phenomenon. After compromising a technology company, they even filed a complaint with the US financial regulator, putting even more pressure on the victim.
This combination of legal pressure, reputational damage, and now physical threats represents an evolution in criminal tactics.
What kind of threats are being made?
Attackers often resort to generic but intimidating messages: they claim to know the location of executives' family members, where their children work or study, or what their daily habits are.
Although they do not always specify how or when they might act, the uncertainty raises the level of anxiety and panic.
Ransomware negotiation specialists say this technique is effective because it plays on the most primitive fear: the safety of loved ones. This strategy, although despicable, is growing as a way to pressure victims into paying ransoms faster.
Mexico must take note
Although much of the information comes from surveys abroad, Mexico is not exempt from this threat. Many national companies, especially in the financial, health, and government sectors, have already been victims of ransomware, and the possibility of this tactic reaching the country is real.
Mexican companies must strengthen their cybersecurity culture, train their teams on how to respond to an attack, and establish clear protocols to protect both their digital infrastructure and their employees.
Attacks continue unabated: multiple offensives and slow recovery
Despite a slight decrease in the number of ransomware attacks compared to the previous year, the figures remain worrying. More than 70% of the organizations attacked were victims on more than one occasion, and nearly a third suffered three or more attacks.
In addition, recovery capacity has declined. Less than a quarter of victims manage to restore their operations within a day, while a growing number need weeks.
This leads to economic and reputational losses and, now, personal risks.
Paying is no guarantee
One of the key lessons from this report is that giving in to extortion does not guarantee a solution. Around 15% of those who paid the ransom did not receive useful tools to recover their information, and some even saw their data leaked publicly.
Ransomware is no longer just a technological threat; it is a comprehensive threat that impacts people, their security, and their well-being.
It is time for Mexican companies to take action with contingency plans, response protocols, and, above all, awareness of the new risks of cybercrime.
At Cyberpeace, we recommend staying informed about cybersecurity issues and other digital threats. Prevention and knowledge are your best allies in protecting your identity and your business. Interested in learning more about cybersecurity and digital privacy? Follow our social media channels and stay informed.
Comments