“Double extortion” does not necessarily mean that a victim is blackmailed more than once. Rather, the cybercriminals use several means of pressure for their blackmail.
With the ransomware that has been common up to now, there is usually one means of exerting pressure: the data on a computer, network or system is encrypted, and a ransom is demanded for decryption.
In the case of Double Extortion ransomware, the cybercriminals add further leverage to make the ransom payment as unavoidable as possible for the blackmailed company.
With Double Extortion Ransomware, cybercriminals can use different means of pressure:
Whether ransomware or double extortion ransomware, cybercriminals often try to deliver the malware through phishing emails. So if you recognize such an email, you may have just fended off a Double Extortion Ransomware attack.
However, even without any action on your part, you may still be affected by Double Extortion Ransomware. For example, the major cyberattack on MediaMarktSaturn in 2021 was carried out by cybercriminals known for Double Extortion Ransomware. In such cases, data belonging to customers of the affected company may be published. However, as far as we know, this was not the case after the aforementioned cyberattack.
Cybercriminals use different attack vectors for Double Extortion ransomware. These include phishing emails, brute force attacks on remote access to the corporate network, and credentials, purchased on the dark web, for networks that have already been compromised. Many, but not all, of these attacks can be prevented.
Therefore, we recommend a two-pronged protection strategy: on the one hand, keeping attacks from succeeding (prevention), and on the other hand, limiting the damage when an attack does succeed (response).