What is Double Extortion Ransomware?
Although this is not a new type of ransomware strategy, double extortion, is making quite the comeback. Double extortion, pay-now-or-get-breached, is where attackers initially exfiltrate large quantities of private information and then encrypt the victim’s files. Once the files are encrypted, the attackers threaten to publish the data unless the ransom is paid.
If the victims choose to ignore the request for a ransom payment, their data in most cases gets destroyed, leaked online, or sensitive data can even be sold to the highest bidder. The only way to secure your decryption key back is to pay the ransom.
Double extortion ransomware is expected to grow even more this year. Which is scary for businesses. Even if a ransom is paid, there is no guarantee the hacker will destroy the stolen data and can later turn around and sell for an even bigger profit.
There are steps you can take to protect your company and information. A key defense against a cybercriminal accessing your network is to adopt a policy of zero trust, or least-privileged access. Zero trust means that no user or application should be inherently trusted. Access should only be granted based on user identity and context, and as minimally necessary.
In additional, your business should have strict security policies in place, as well as necessary training to ensure each user understands the best practices.
For help implementing the necessary security policies in your business or help in selecting the best security solutions, let us help. 2W Tech is a technology service provider with IT Consultants on staff that specialize in security solutions. Give us a call today to get started.