At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Double Extortion Ransomware Attacks That Publish Victim Data Increase 935%

    Double Extortion Ransomware Attacks

    According to new data, the number of victim companies impacted by double extortion has jumped from 229 by the first half of 2020 to nearly 2400 by the first half of 2021.

    Something big is going on in the world of ransomware – it might be that organizations aren’t paying the ransom and are willing to risk the damage done with the publishing of stolen data. Or maybe it’s that cybercriminal groups are seeing the value in publishing some of the data and selling the rest to the highest bidder.

    Regardless of the motivation, according to Group IB’s Hi-Tech Crime Trends 2021/2022 Corporansom report, the way the “business” of ransomware functions appears to be changing. According to the report:

    • Most ransomware affiliate programs are private where the affiliate must know the ransomware group personally. However, the number of public affiliate ransomware “programs” has grown in the last year by 23%. This means there’s more opportunity for everyone that wants to get in on the ransomware trend.
    • The number of data leak sites has grown by 115% to 28 sites on the dark web, with the very first instance of a data leak site posting fake data about an attack.
    • Manufacturing, Real Estate, and Transportation are the top 3 most attacked industries

    What’s also interesting (and doesn’t entirely add up) is that, according to Group IB, only 30% of organizations pay the ransom, and yet only 10% of attacks companies have their data published. I can only guess the number of orgs paying the ransom is underreported, or cybercriminals are finding other ways to monetize the stolen data (despite orgs not paying the ransom).

    According to Group IB, the number of ransomware victims and data leak sites will continue grow. So, the only good recourse is a solid defense to stop ransomware attacks from being successful. A layered defense that includes Security Awareness Training is critical to ensure users don’t fall for phishing attacks used as the initial attack vector.

    Request A Demo: Security Awareness Training

    products-KB4SAT6-2-1

    New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!

    Save My Spot!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top