ArrowArtboardCreated with Sketch.Title ChevronTitle ChevronIcon FacebookIcon LinkedinIcon Mail ContactPath LayerIcon MailPositive ArrowIcon PrintIcon Twitter
Technology

Ransomware data leaks strike 1,000 companies in 2020

Nikkei survey shows new cyberthreat puts sensitive data from Capcom to LG online

In the new types of ransom attack, criminals first steal the data and then threaten to leak.

TOKYO -- More than 1,000 companies worldwide fell victim to an emerging type of ransomware attack during the first 10 months of 2020, in which hackers not only lock users out of their computers but also threaten to leak files unless a ransom is paid.

Nikkei, in cooperation with cybersecurity company Trend Micro, tallied the number of businesses that had information leaked on the dark web.

Traditional ransomware simply encrypts data in the target's computers, to be unencrypted in exchange for a ransom. But the new type of attack, in which criminals first steal the data that they then threaten to leak, has increased rapidly since 2019. These types of attacks can be particularly damaging to a company, since information leaks could tarnish their reputation.

One recent victim was Osaka-based game developer Capcom. A ransomware group called Ragnar Locker, which appears to be a Russian organization, leaked sensitive files such as passport copies and game release schedules stolen from Capcom after the developer apparently refused to pay 1.1 billion yen ($10.6 million) in ransom.

Troves of data from South Korea's LG Electronics were leaked online in July, including information on product development that involved business partners. Sensitive data tied to automobile designs from a Toyota Motor partner was also disclosed in a similar attack.

Most businesses report such incidents to authorities instead of paying the ransom. But 32% of respondents said they paid attackers an average of $1.17 million, in a survey of Japanese companies and government offices conducted by CrowdStrike in August and September.

Most companies victimized by these ransomware attacks had antivirus software on their computers.

Businesses "need to prevent malicious use of data even if they are subject to a ransomware attack by encrypting confidential information and setting passwords," said Takeshi Doi, who heads a cyber risk unit at MS&AD InterRisk Research and Consulting.

Sponsored Content

About Sponsored Content This content was commissioned by Nikkei's Global Business Bureau.

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this monthThis is your last free article this month

Stay ahead with our exclusives on Asia;
the most dynamic market in the world.

Stay ahead with our exclusives on Asia

Get trusted insights from experts within Asia itself.

Get trusted insights from experts
within Asia itself.

Try 1 month for $0.99

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this month

This is your last free article this month

Stay ahead with our exclusives on Asia; the most
dynamic market in the world
.

Get trusted insights from experts
within Asia itself.

Try 3 months for $9

Offer ends January 31st

Your trial period has expired

You need a subscription to...

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers and subscribe

Your full access to Nikkei Asia has expired

You need a subscription to:

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers
NAR on print phone, device, and tablet media

Nikkei Asian Review, now known as Nikkei Asia, will be the voice of the Asian Century.

Celebrate our next chapter
Free access for everyone - Sep. 30

Find out more