BianLian Overview

BianLian continues to exhibit a high level of operational security and skill in network penetration, seeming to have also found their stride in the pace of their operations. At the same time, the group has been improving their ability to operate the business side of a ransomware organization. Yet perhaps most notably, BianLian has shifted the main focus of their attacks away from ransoming encrypted files to focus more on data-leak extortion as a means to extract payments from victims. Furthermore, they have been attempting to amplify the effectiveness of these extortion threats by tailoring the messages delivered to specific victims in an effort to increase the pressure felt by the organizations.

Source