You’ve probably heard of ransomware, but have you heard of triple extortion ransomware? Ransomware is a type of cybercrime where attackers use encryption to prevent users from accessing their sensitive data until a ransom is paid, which is often substantial.
In recent months, we have written a lot about Double Extortion Ransomware. That’s when cyber criminals encrypt sensitive user data and threaten to publish it on the dark web, sell it to the highest bidder, or permanently restrict access if the ransom is unpaid by a deadline. Organizations can often recover lost information from previous backups, but it’s much more challenging to stop sensitive data from leaking after this attack.
Now, a third layer is being added to the mix to increase pressure on the victim to make more or higher payments. In a triple extortion attack, ransomware actors up the ante.
What Is Triple Extortion?
There are three layers to the attack. The first is the ransomware itself: Pay a fee or lose your data forever. The second is threatening to release your private information, either on the Dark Web or to the public, unless you give them even more money.
Triple extortion ransomware adds a third threat to the attack. In addition to encrypting and exfiltrating data, an attacker might perform a distributed denial-of-service (DDoS) attack, threaten the victim’s customers, or make other threats.
Remember, paying criminals is no guarantee they’ll keep their word. Nothing but the word of a thief promises to return your data or keep it secret. Many people do not fully recover all their information or privacy. Paying the ransom only emboldens threat actors to continue the crime.
Staying Safe from Ransomware and Extortion
- Ransomware attacks have affected millions of people all over the globe. So, how can you protect yourself from these cyber threats?
- Store backups regularly in a secure, offline location.
- Use strong security measures like firewalls, antivirus software, and intrusion detection systems.
- Keep software and systems up to date with the latest security patches.
Stay up-to-date about safe online practices. Human error is often the cause of successful cyberattacks. - Limit access to data based on the principle of least privilege. People should have access to the minimal amount of data necessary for their job.
- Memorize your workplace’s Incident Response Plan. If you’re unsure, ask where to report and what to do if you notice suspicious behavior online and/or in person.
Segment your network to limit the spread and help contain the damage if an attack occurs. - Assess and manage the security practices of third-party vendors to ensure they don’t become a weak link.
What Should You Do If Ransomware Threatens You?
When ransomware appears on your device, it can be very scary and upsetting. That state of mind can cause you to act quickly and without thinking.
First and foremost, remember never to pay the ransom. Most of the time, hackers disappear with your money and data.
Step 1: Isolate the affected device from the network and other systems.
Step 2: Call your I.T. provider and possibly the authorities for help.
Step 3: Damage control to try and recover everything possible.
Step 4: Clean up with antivirus programs and remove the threat.
If you have the proper backup and storage safeguards in place, you should not have a problem recovering your files.
Ransomware is an increasingly complex, expensive, and prolific threat. To remain as cyber-safe as possible, we must learn its tactics, avoid the dangers, and recover.
When it comes to the evolving threat landscape, we must stay alert and adaptive. Preparedness and proactive defense go a long way, especially as threat actors develop new layers to their cyberattacks.
Commonwealth Sentinel will help you face your organization’s growing cyber security threats. We can evaluate your existing IT security and work with your team to protect your data and assets. At Commonwealth Sentinel, we are focused on cyber security, so you can focus on other things. Contact us today or sign up for a free consultation.