Demystifying the ransomware ecosystem
This added extortion component has been widely adopted by most ransomware groups operating today. This tactic was pioneered by the Maze ransomware group in December 2019. Even with the double extortion component at play, ransomware groups have upped the stakes by incorporating additional extortion tactics, including launching distributed denial-of-service (DDoS) attacks against victim websites, threatening to sell their stolen data to third parties if a ransom isn’t paid, as well as contacting companies that are customers of the victim organizations and using the threat of leaking data on these customers to apply additional pressure to the victims. Ransomware is a force to be reckoned with it and isn’t going to go away that easily.
Organizations should never pay the ransom demand because it simply emboldens the ransomware groups and the other stakeholders within the ransomware ecosystem to continue to perpetrate these types of attacks.
Reason behind bright future of ransomware for cybercriminals
There’s so much money to be made and there are a lot of vulnerable organizations out there, waiting to get hit by a ransomware attack across a variety of industries and business sizes. Ultimately, the bright future for ransomware remains a byproduct of the success from double extortion attacks and exfiltration of stolen data in particular. Some ransomware groups have shifted gears, moving away from encrypting files and solely focusing on the data exfiltration and threat to leak.
Proactive measures to prevent ransomware
In our Ransomware Ecosystem report, we outline 10 steps organizations can take to put themselves in the best position to defend against ransomware attacks. These include things that we know including identifying vulnerable assets and applying the latest patches as promptly as possible, implementing security awareness training, use of security software tools like endpoint security and anti-virus, as well as using multifactor authentication across all accounts. There are other steps mentioned in the report, but these are some of the key ones we want to highlight.