Double extortion ransomware is taking organisations by surprise2 min read


Attack surfaces are harder to protect than ever, and as hackers change their tactics, it is imperative that organisations find solutions to maintain their cybersecurity postures and ward off emerging threats.

One new threat, ransomware which is used to extort organisations twice, is quickly making the rounds through vulnerable companies and even those with relatively strong cybersecurity measures in place. In these kinds of attacks, hackers threaten action in addition to merely holding data ransom, such as selling or on that data. Organisations then must grapple with the difficult decision to pay off the cyber attackers twice – or face not only losing their data, but essentially facilitating a data leak.

The data leak then becomes the most pressing concern; even if an organisation has a back-up ready to go, it means very little if that data will be leaked anyway. The consequences from such a leak could affect the compliance status of the organisation, as well as its reputation. As such, double extortion attacks should be a major concern to organisations.

Of course, hackers have also recently been aided by the massive shift to remote working, which has increased the use of vulnerable VPNs and remote desktop protocols. If a cyber attacker breaches one of these, they often have access to the entire internal network, which can be incredibly damaging.

Therefore, as emerging threats such as these appear, it is important to take the time to follow these steps to protect your cybersecurity posture.

Keep your VPNs, remote desktop protocols and other critical software up to date. Patch regularly to ensure that any vulnerabilities discovered by your provider is mitigated. If your organisation leaves it too long, it could leave itself open to easily executed cyber attacks.

Ensure your employees are choosing strong passwords and following other cybersecurity policies. Make it as difficult as possible for a hacker to sneak into your network by ensuring that your team and employees understand the importance of choosing a complex password or using two- or multi-factor authentication.

Use a digital risk management tool to stay on top of this and other emerging threats. Tools like CyDesk help secure your attack surface, giving you real-time views into your cyber and compliance postures, as well as the cyber and compliance postures of your third parties. If there are any potential vulnerabilities or breaches, CyDesk can help you effectively and efficiently manage them for business continuity and assurance.

Keeping on top of your organisation’s attack surface may be tricky, but it doesn’t have to be impossible. Take the time to regularly check in on your organisation’s cybersecurity posture and keep your business running smoothly.

United Kingdom

+44 020 3190 5000

The Rain Cloud Victoria
76 Vincent Square
London, SW1P 2PD

The Netherlands

Oude Udenseweg 29
5405 PD Uden
The Netherlands

Newsletter Signup

%d bloggers like this: