Double Extortion Ransomware Events Jump 935%

Contact Us
double extortion ransomware

Double Extortion Ransomware Events Jump 935%

Double extortion ransomware attacks follow a similar protocol to that of a typical ransomware attack. But, they come with an extra threat: The victim must pay a ransom not only to regain access to their technology and data but also to keep that data from being uploaded publicly online. Double extortion ransomware attacks are particularly concerning, as these incidents can further pressure organizations to comply with ransom demands in order to keep their data private.

The number of ransomware attacks involving double extortion tactics jumped from 229 to 2,371 in the span of a year, an unprecedented 935% increase, according to new research from Group-IB. This article examines how these attacks work and why they’re on the rise.

How Double Extortion Ransomware Attacks Work

Double extortion ransomware attacks start like most other ransomware incidents: A cybercriminal first gains access to their target’s device or server, often via phishing scams, nonsecure websites or malicious attachments. From there, the cybercriminal is able to compromise the victim’s technology and encrypt data stored on it. Then, the cybercriminal delivers their ransom demand and accompanying consequences for noncompliance.

Contrary to a typical ransomware incident, however, the consequences of a double extortion attack are twofold. That is, failing to pay the ransom could result in the cybercriminal permanently restricting the victim’s access to their technology and sensitive data as well as sharing this data publicly on the internet. Although double extortion ransomware attacks can occur at any organization, these incidents are most common within establishments that store a considerable amount of sensitive data. This includes health care facilities, financial institutions, government organizations and large retail businesses.

Double extortion ransomware attacks can be significantly more damaging to affected organizations than typical ransomware incidents. This is because even if organizations have protocols in place (e.g., storing data in multiple secure locations) that allow them to recover their compromised information without paying a ransom, they may still be pressured to do so in order to keep their data from going public. After all, a data breach can lead to further ramifications—including reputational damages, regulatory fines and class action lawsuits.

What’s more, cybercriminals who conduct double extortion ransomware attacks are known to demand higher ransom payments, sell or trade stolen data to other attackers for future extortion attempts, and still move forward with sharing data publicly even after the ransom is paid (whether on purpose or by accident)—making these attacks all the more damaging.

Double Extortion Ransomware Attacks Are on the Rise

As noted per Group-IB, double extortion ransomware attacks saw a 935% increase in just one year’s time. Thanks to an unholy alliance of ransomware-as-a-service actors and initial access brokers (parties selling access to corporate systems), cybercriminals were able to reach new heights in 2021, according to Group-IB’s report on the latest trends in technology-based crime.

The partnership between the two groups allows threat actors to deploy their attack of choice on already-compromised systems and opens the door to a wide range of “beginners” to ransomware.

“The fact that tools for conducting full-fledged attacks against corporate networks are widely available means that underground actors can make money with almost no risk or effort,” Group-IB said. “The market for initial access has been flooded with low-skilled threat actors who, despite their poor knowledge of the technical aspects involved, pose a threat to companies.”

According to the report, this multimillion-dollar market expanded by 204% between the second half of 2018 to the first half of 2020. It grew another 16% between 2020 and 2021 to an estimated $7.2 million in value, Group-IB added.

U.S.-based organizations are by far the most popular targets for initial access brokers, with manufacturing, education and financial services as the top industries. Another recent report from the firm found that between 2019 and 2020, ransomware actors netted at least $1 billion from their malicious efforts.

Once in, cybercriminals have shown an increasing preference for double extortion by both encrypting systems and exfiltrating data as leverage. The report found that much of the data does end up leaked online, regardless of whether a ransom was paid.

“In the first three quarters of 2021, ransomware operators released 47% more data on attacked companies than in the whole of 2020,” Group-IB’s researchers said. “Taking into account that cybercriminals release data relating to only about 10% of their victims, the actual number of ransomware attack victims is likely to be dozens more.”

Group-IB estimated about 30% of victim firms pay a ransom. The Conti ransomware group has proved to be the most aggressive in leaking data, followed by Lockbit, Avaddon, REvil and Pysa.

Preventing Double Extortion Ransomware Attacks

When it comes to combatting double extortion ransomware attacks, it’s important to prioritize standard ransomware prevention measures. These include conducting routine employee training on how to detect potential ransomware risks (e.g., suspicious emails or attachments), implementing policies that prohibit browsing nonsecure websites on organizational servers or devices, and installing adequate security features on all workplace technology (e.g., a virtual private network, antivirus programs, data encryption software, email spam filters, an internet firewall and a patch management system).

In addition to these key prevention measures, the best course of action for reducing double extortion ransomware attack risks is to establish an effective cyber incident response plan for your organization. This plan should explicitly address double extortion ransomware attack scenarios and outline steps that employees should take to limit the damages during such an event.

Lastly, it’s vital to secure appropriate insurance coverage for ultimate peace of mind in the event of a ransomware attack. A dedicated cyber insurance policy can offer much-needed support and resources when an attack occurs, minimizing the potential damages and financial impact on your organization.

For additional risk management guidance and insurance solutions, contact us today.

Share this post?


Leave a Reply


Agen Bandar Togel Online-Judi Slot Online Hoki 100%

Situs Toto Togel Tersedia Togel Online Resmi Hingga Idn Slot Terpercaya

Toto Online Macau Jackpot 10 Juta Bandar Togel 4D Terpercaya

Toto Macau Daftar Bandar Togel Online Hadiah Jackpot 4D 10 Juta Terlengkap

Bandar Togel Online Hadiah 10 Juta Rupiah Coloktoto Agen Toto 4D Terpercaya

LAETOTO Daftar Togel Online Dengan Pasang Togel Deposit Pulsa

LAETOTO Situs Slot Gacor dan Togel Online 4D Terpercaya

bandar togel terpercaya

daftar toto togel online terbaik bet 100 perak

bandar togel terpercaya

Daftar Situs Togel Online Terpercaya Hadiah Togel 4D 20 Juta

situs togel online terpercaya hadiah togel 4d 20 juta

daftar judi togel online via dana terpercaya

situs toto togel online resmi terpercaya

situs bo togel toto slot 4d bandar togel bet 100 perak

toto togel lengkap bandar judi togel online dan slot gacor 4d

togel online terpercaya

bandar togel online

Agen Togel Terpercaya Terlengkap Hadiah 4D 10 Juta

Bandar Togel 4d Pasaran Judi Togel Toto Terlengkap

Agen Togel Bet 100 Perak Hadiah Togel 4D Terbesar

bo togel terpercaya

Bandar Judi Togel Online 4D Hadiah 10 Juta

toto togel


Togel Deposit Pulsa

situs togel 6d

Situs Toto Togel Agen Slot88 Gacor 4D Deposit Pulsa Murah

Situs Togel 4D Hadiah 10 Juta Situs Bandar Togel Online Terpercaya Daftar Situs Togel Online Deposit 10Rb

Daftar Togel Online Terpercaya Dan Terbaik Nomer 1 Tahun 2022

Bandar Togel Online Bet 100 Perak Situs Togel Terpercaya Deposit 10Rb Togel Online Terpercaya Hadiah 4D 10 Juta


Situs Judi Togel 4D Agen Slot888 Gacor Terlengkap Hadiah Togel Online 4D 10 Juta Terpercaya

Bandar Togel Online Terlengkap Hadiah Jackpot Togel 4D 10 Juta

Situs Bandar Judi Bola Online Resmi Piala Dunia 2022 Terlengkap

Situs Togel Online Terpercaya & Slot Gacor

Situs Togel Resmi Bandar Judi Togel Online Terpercaya 2022

Bandar Togel 4D Pasaran Judi Toto Terlengkap Dan Terbesar

Daftar Situs Togel Online Terbaik Dan Bandar Toto 4D Deposit Via Pulsa

Bandar Togel Online Jackpot 4D Terbesar Dari Situs Toto Macau