Double Extortion Ransomware Is on the Rise
Double extortion ransomware is when a criminal not only holds your data for ransom but also demands money to not publicly release any sensitive information.
Security is becoming stronger and fewer ransoms are being paid. This means criminals are finding it less lucrative to simply hold or encrypt your data and demand payment to regain access.
Now, in addition to demanding a ransom for your data, cybercriminals are starting to analyze what they’ve captured, looking for trade secrets and sensitive or compromising information. This puts the criminal in a position to demand you pay to regain access AND pay to not have that information published (“double extortion”).
Cybercriminals are becoming more organized, working together to form a kind of cyber-mafia, and their attacks are getting more sophisticated. So far this year, there have been reports of at least 35 known ransomware “gangs” or “families” successfully using this new double extortion technique.
These gangs are starting to share info and tools on the dark web, and their numbers are growing with the relative ease of acquiring “kits” through new “Ransomware as a Service (RaaS)” or “Malware as a Service (MaaS)” models. The tools used for ransomware attacks are becoming commodities, and bots are able to target as many people as possible. This makes it easy to become a cybercriminal, and as a result the threats to all businesses are growing exponentially.
These ransomware gangs are very technically sophisticated and often do not target a specific industry or company; they are simply looking for any security weakness. Most victims were small to medium-sized businesses, which means any organization is a potential target for this new type of organized crime.
How to combat double extortion ransomware
Unfortunately, in most cases there are no warning signs before being hit by ransomware. Just as you generally don’t know you’re sick until you start coughing, you usually won’t know you have been hit by ransomware until it executes and it’s too late. However, not all breaches are caused by a malicious file detonating on your computer. Most often hackers gain access by stealing an employee’s login ID and password. Most cybersecurity solutions only work if a criminal is unable to log in using stolen credentials. Therefore, it’s important to keep your passwords safe and use all security tools at your disposal.
Security starts with you. It’s more important than ever to create a culture of security awareness. As an organization you can have the best cybersecurity in place, but it won’t guard against an employee voluntarily or inadvertently giving out sensitive info, clicking on a malicious link, or falling victim to phishing. The best safeguard against any data breach is to train your employees to recognize threats and know how to avoid them.
Use 2-factor authentication for everything. The biggest security breaches come from someone fraudulently obtaining your login ID and password. If an attacker does manage to obtain your password, 2-factor authentication slows criminals down and keeps them from quickly getting in and out, making it less feasible for them to accomplish their nefarious goals.
Control access to your data. Make sure employees only have access to data necessary for their role. Access to sensitive information should only be granted on an as-needed basis. Always control what information and folders are shared with the entire organization. Knowing who has access to what files is very important to mitigate losses if an attack does happen.
Utilize multiple levels of security. Just as a single piece of thread isn’t very strong by itself, no single piece of cybersecurity is effective against every threat. It’s important to recognize that the strength of any organization’s security is in all the pieces working together. Like individual threads being woven into cloth, every piece of security has a specific role, and all the threads combine to create a company’s cybersecurity fabric. Make use of all security tools available to your organization.
Contact tca SynerTech to learn more about how to stay safe from threats like double extortion ransomware. We have nearly 25 years of experience helping our clients stay ahead of the ever-evolving IT landscape.