In the past two months, ClearSky and Profero have linked the operators behind the Pay2Key ransomware to an Iranian-backed group focused on data theft with a ransomware façade. ClearSky details that in November, the operators did not deploy ransomware against Amital and have mostly dealt with victims through extortion of stolen data. The December 18, 2020 report by Clearsky points to domains linked previously by Checkpoint to make the association from Pay2Key to Iran and the speed of deployment when ransomware is used.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security