Risk briefing: double extortion ransomware explained | Analysis

/in


What is double extortion ransomware?

Ransomware has grown from a moderate risk to a major headline-grabbing challenge.

ransomware, system hacked

 

In its simplest form, ransomware is malicious software that allows a hacker to restrict access to an individual’s or company’s vital information in some way, and then demand some form of payment to lift the restriction.

 

An extension of these traditional ransomware attacks is double extortion ransomware. This is when adversaries not only encrypt data, but they also exfiltrate a copy of the data giving them additional leverage in demanding payment.

 

As well as causing disruption and financial impact, double extortion strategies open victims up to increased reputational harm and potential compliance breaches, as well as the possibility of compensation to their clients and business partners.

 

Since the emergence of double extortion ransomware, some threat actors have further adapted their attack models to no longer focus on encryption.

 

Instead, they simply steal critical data and use that as their leverage. The continued evolution of ransomware attacks is extremely concerning due to the speed that cybercriminals can now cause long-lasting damage to an organisation’s systems.

 

How is ransomware evolving – is it on the rise? 

Ransomware is one of the most damaging and frequent forms of cyberattack facing modern organisations and is a security challenge that is constantly evolving.

 

Threat actors are going after bigger targets for bigger pay-outs, leaving no organisation safe from attack. It is a growing problem, with a total of 236.1 million ransomware attacks hitting organisations worldwide in the first half of 2022, according to Statista.

 

Despite a greater awareness of ransomware, organisations are still falling victim to this ever-growing risk.

Threat actors are continuing to ramp up their attack methods, focusing more on stealing and corrupting data rather than encrypting it for faster and easier attacks.

”Threat actors are going after bigger targets for bigger pay-outs, leaving no organisation safe from attack.”

When a threat actor encrypts data, they need to manage the whole decryption process and this exposes them to risk…

Source…