‘Double-Extortion’ Ransomware Data Leaks Skyrocket 935%

Startling triple-digit growth is fueled by easy criminal access to corporate networks and RaaS tools, an analysis found.

The ransomware business is booming, and feeble corporate security and a flourishing ransomware-as-a-service (RaaS) affiliate market are to blame, researchers say.

Access to compromised networks is cheap, thanks to a rise in the number of initial-access brokers and RaaS tools can turn everyday petty crooks into full-blown cybercriminals in an afternoon, for just a few bucks.

That’s according to findings from Group-IB’s Hi-Tech Crime Trends Report 2021/2022, which unpacks the startling numbers behind what the report calls an “unholy alliance” between ransomware operators and corporate-access brokers — which analysts said has fueled a 935 percent spike in the number of organizations which had their stolen data exposed on a data leak site (DLS).

Ransomware groups have increasingly used the tactic called double extortion, where they not only steal a company’s data, but threaten to publish it to ratchet up the pressure to pay a ransom. The report proves these groups are following through on the threats.

RaaS, Initial-Access Brokerage Spike

Over the past year, Group-IB identified the number of active initial-access brokers jumped from 85 to 229 and the sheer number

Read More: https://threatpost.com/double-extortion-ransomware-data-leaks/176723/