Double Extortion Ransomware: The New Normal

With more and more businesses learning how to avoid paying huge amounts of money to ransomware actors by maintaining up-to-date backups and having disaster recovery plans in place, the number of victims forced to pay ransom started to decrease.

Even so, according to a study conducted by Cloudwards, in 2021, 37% of all businesses and organizations participating in the study were hit by ransomware and out of all, 32% paid the ransom but recovered only 65% of their data.

Even if companies started to learn new “tricks” when it comes to ransomware, the developers behind this kind of attack continue to adapt, rethink their tactics and find new ways to pressure their victims into paying the ransom. One of their relatively new famous technique is double extortion ransomware.

What Is Double Extortion Ransomware and How Does it Work?

Double extortion, also known as pay-now-or-get-breached refers to a growing ransomware strategy and the way it works is that the attackers initially exfiltrate large quantities of private information, then encrypt the victim’s files. Following the encryption, the attackers threaten to publish the data unless a ransom is paid.

If the victims fail to pay the requested ransom, their data will most likely be destroyed, exposed

Read More: https://heimdalsecurity.com/blog/double-extortion-ransomware/