The Surge of Double Extortion Ransomware Attacks

The Surge of Double Extortion Ransomware Attacks

Ransomware attacks have become an increasingly severe threat to organizations around the world. A particularly insidious new trend is the rise of "double extortion" attacks, in which cybercriminals not only encrypt an organization's data but also threaten to publicly release sensitive stolen information if the ransom is not paid. In this comprehensive article, we will examine the evolution and surge in these double extortion campaigns, look at real-world examples of how high-profile companies have been significantly impacted, and provide best practices for defending against and recovering from such attacks.

The Evolution of Ransomware into Double Extortion Tactics

The Basics of Ransomware

Ransomware itself has been around for years. The basic attack involves malware that encrypts important files, databases, systems, and more, paralyzing business operations. Victims are instructed to pay a ransom payment, usually demanded in cryptocurrency, in exchange for the decryption key. If organizations don't pay up, they lose access to their critical data and applications. Early ransomware variants simply locked user screens, but innovations led to quietly encrypting in the background for bigger impacts.

Ransomware exploded into greater prominence over the last decade with high-profile attacks on hospitals, city governments, and large corporations. The 2012 Reveton ransomware famously used lock screen tactics claiming the FBI locked the computer for illegal activity. CryptoLocker, in 2013, pioneered the use of strong encryption algorithms. WannaCry and NotPetya ransomware worms, in 2017, illustrated how quickly ransomware could....