How to protect against double-extortion ransomware attacks

Of all the cybersecurity challenges facing organisations today, one of the most pervasive is ransomware attacks.

According to research firm Statista, during the first half of 2022 there were a total of 236.1 million ransomware attacks worldwide. During these attacks, criminals attempt to gain access to an organisation’s central IT resources and encrypt data files. Payment of a ransom is then demanded before the files will be unlocked.

Recently, however, attackers have increasingly been adding an additional step in the process. Before data is encrypted, a copy is made which is then sent to another location. The victim is informed that, if payment is not made, these files will be made publicly available.

As well as the disruption and financial cost associated with traditional ransomware attacks, these so-called ‘double extortion’ strategies open victims up to reputational harm and a potential need to compensate clients and business partners.