Ransomware Evolved: Double Extortion
Check Point Research
Picture this scene: you arrive at the office one morning to find that cybercriminals have accessed your entire corporate network and encrypted all your files and databases, bringing the operations of your organization to a grinding halt. What should you do? Restoring your systems and data from back-ups and getting back to something like business-as-usual could take days or even weeks. You could pay the attacker’s ransom demand in hopes that they deliver the promised decryption keys, but the cybercriminals may not keep their word. According to the FBI’s Internet Core Competency Certification (IC3) 2019 Internet Crime Report, over 2,000 organizations in the U.S. alone faced this problem after being hit by ransomware last year, costing millions in losses and remediation.
As If that wasn’t bad enough, cyber-criminals are starting to include a new tactic in the familiar ransomware playbook: double extortion. In what has become a trend in Q1 2020, threat actors are adding an additional stage to their attacks. Prior to encrypting the victim’s databases, the attackers extract large quantities of sensitive commercial information, and threaten to ...