Old school ransomware attacks were all about maliciously encrypting vulnerable data and demanding a ransom to unlock it. But in the evolving world of cyberattacks, they’re now using a new tactic known as “triple extortion”.
First, as with standard ransomware attacks, the victim's data is encrypted, and a ransom demanded in exchange for the decryption key. Secondly, they threaten to make public or sell this information if the victim doesn’t come up with the ransom, adding more pressure to pay to avoid reputational damage and legal proceedings. Thirdly, they will target individuals and harass partners, affiliates and associates of the victim organisation (for example, suppliers or sponsors that do business with the target).
While it is very difficult to stop triple extortion once your data has been comprised, experts still recommend keeping copies of your data securely offline using tape technology. What makes tape a key weapon in the fight against ransomware is that you can place your data behind a physical, disconnected, air gap barrier. In the event of a triple extortion attack, and bearing in mind that in many cases, data is published regardless, at least you then have a choice. You can deal with the known consequences of a data breach while recovering all of your data from good tape copies. In turn, this could mean that you can ignore the ransomware demands because you are able to recover the data and focus instead on improving your cyber security defences.
Experts like John Petrozzelli, Director of the Massachusetts Cyber Security Center recommend not paying the ransom on the grounds that this simply fuels future criminal activity. Their advice is to engage in and timely communication is crucial. Inform all stakeholders about the incident as soon as possible. Be honest about the nature of the attack, the data that was compromised, and the steps being taken to address it. Involve law enforcement agencies to bring their expertise into the recovery effort while ensuring that your response complies with all relevant laws and regulations, including data breach reporting requirements.
A swift and well-executed response can help mitigate the PR fallout from a triple extortion ransomware attack. Transparency, communication, and a commitment to security are key components of effective crisis management in these situations.
https://bit.ly/49oPI41
#ransomware #cybersecurity #dataprotection #lto #lastinginnovation
Director Strategic Partnerships
1moThe threats and attacks are real. It’s not if, it’s when and how big of an impact it will be for that business.