Both of these types of ransomware attack, however, are fading in popularity among criminals as businesses build more robust protections. Instead, they are turning to more advanced forms of ransomware that are harder to defend against.
One of the most common forms of ransomware is now ‘double extortion’ ransomware. In this type of incident, as well as encrypting files, hackers also use data exfiltration techniques to steal sensitive and classified data from the business. Once they have this, they can use it in a number of ways. The first and most straightforward is by threatening further consequences if the ransom isn’t paid.
In such an attack, hackers will give the victim a deadline to pay, with the threat that if this is missed, either private data will be publicly released or sold, or details of the compromised data will be sent to customers, stakeholders or regulators. This firstly increases pressure on businesses with the intent of rushing them into a decision, but also promises much more serious consequences if the firm fails to comply.
Many organizations may decide they cannot afford the damage that having private data published could cause. This could be customer personal data that will harm their reputation, or the exposure of trade secrets or upcoming products to competitors. Therefore, they may conclude that the only way to prevent the huge costs this would cause is to pay up.
Find out more about the state of global ransomware in 2022 and learn about the latest trends.