Ransomware Double Extortion

Oct 26, 2023 | News

A scary new take on ransomware

Small and medium-sized enterprises (SMEs) are increasingly becoming the target of cyberattacks, and one particularly menacing threat is the double extortion ransomware. This is a new threat and way the criminals are getting the most from their attacks and its not good news for you!

What is Ransomware?

Before we delve into double extortion ransomware, it’s essential to understand the basics of ransomware. Ransomware is a type of malicious software (malware) that encrypts your files and demands a ransom for their release. When your business falls victim to ransomware, you’re essentially held hostage – your crucial data is inaccessible until you pay the demanded sum or if you have planned ahead and have good backups, restored that data. The impact of an attack can be huge from days of lost productivity to the full closure of the business.

The Double Extortion Twist

Double extortion ransomware takes ransomware attacks to a whole new level. In this scenario, cybercriminals don’t just encrypt your data and demand payment for its release; they also threaten to expose your sensitive information if you don’t comply with their demands.

Here’s how it works:

1. Data Encryption: As with traditional ransomware, your files are encrypted, making them inaccessible.

2. Ransom Demand: You receive a message from the attackers, demanding a ransom for the decryption key.

3. Data Theft Threat: The twist comes when the cybercriminals inform you that, in addition to paying the ransom, you must meet their demands to prevent them from leaking your sensitive data. This information could be anything from customer data to proprietary company secrets. This comes after the initial ransom so even if you have managed to get the data back by restoring from backups you are once again thrown into a major issue.

4. Deadline: A ticking clock adds pressure. If you don’t comply within a set time frame, your data might be exposed on the dark web or sold to the highest bidder.

Why Is Double Extortion Ransomware So Dangerous?

Double extortion ransomware is especially menacing for SMEs for several reasons:

Reputation Damage: If your sensitive data is exposed, your business reputation can take a severe hit. Customers may lose trust in your company, potentially leading to a loss of clients and revenue.

Legal Consequences: Depending on the nature of the data stolen, you could face legal consequences for failing to protect sensitive information, such as customer data or proprietary trade secrets.

Double Costs: You face not just one but two financial burdens – the ransom itself and potential costs associated with data exposure, including legal fees, fines, and compliance measures.

How to Protect Your Business

There is no magic bullet for protecting your business. protection in layers is critical.
Training is important as your staff are the front line to these attacks. Train your employees in cybersecurity best practices, including recognising phishing emails and avoiding suspicious websites.

Backups are  important to ensure you are protected. Create and maintain regular backups of your critical data. Make sure they are stored offline and are easily accessible for recovery.

Keep your software and systems up to date with the latest security patches and updates.

Have an Incident Response Plan – Develop and practice a plan so your team knows how to respond in case of a cyberattack.

A great starting point is our free guide to cyber security. Use this to walk through the foundational steps to getting cyber secure.

Double extortion ransomware is a growing threat that small and medium-sized businesses need to take seriously. By implementing these protective measures, you can significantly reduce the risk of falling victim to this malicious practice. Don’t wait until it’s too late; invest in your business’s cybersecurity now to ensure its safety and continuity.

Disaster Recovery