
São Paulo/SP – October 31, 2022. In a triple extortion ransomware attack, attackers not only demand payment from the company initially compromised, but also demand payment from those who may be affected by the leak of that company's data.

*By David da Silva

Cybersecurity is a top concern for companies, leading CISOs to put ransomware security planning at the top of their list of initiatives. However, just as companies have adapted to protect themselves against this threat, ransomware has also adapted, employing additional layers of extortion focused on hijacking and exposing customer data.

Traditional Attack vs Triple Extortion Attack

A traditional ransomware attack is based on the premise that organizations will pay a ransom in exchange for the safe restoration of their hijacked and encrypted data.

As ransomware payments continue to soar, attackers are getting creative, initiating a series of follow-up attacks to raise additional funds. In a triple extortion, attackers not only demand payment from the company initially compromised, but also demand payment from those who may be affected by the leak of that company's data.

Triple extortion can also involve additional attacks launched against the original target if it refuses to pay the ransom. For example, if a company has managed to restore its data and is not negotiating, cybercriminals can launch a distributed denial-of-service attack to apply additional pressure and even make threats via phone calls or other means of communication.

Ways to protect yourself against triple extortion ransomware.

  • Do not allow intruders in: Triple extortion ransomware attacks use the same methods to gain access to your network as any traditional ransomware attack. Security awareness training for employees, password policies and multi-factor authentication, regular remediation of known vulnerabilities, and securing RDP ports and VPNs are all important steps to stop initial access. You might also consider investing in a web application firewall and a ransomware bug detection solution.
  • Backups and Data Encryption: If an attacker does enter your network, having a recent offline backup can protect against the first prong of a ransomware attack, the recovery of your data. Also, to protect against a double extortion attack, encrypt your data so that, if stolen for use in a data breach attempt, it cannot be read by the ransomware group.
  • How to avoid an infection:
    • Never click on unsafe links. Avoid clicking on links in spam email messages or on unfamiliar websites.
    • Avoid disclosing personal information. If you receive a call, text message, or email from an untrusted source asking for personal information, do not respond.
    • Do not open suspicious email attachments. Ransomware can also enter your device via email attachments.
    • Never use unknown USB pen drives. Never connect USB pen drives or other storage devices to your computer if you don't know where they came from.
    • Keep programs and operating systems up to date. Regularly updating programs and operating systems helps protect against malware.
    • Only use known download sources. To minimize the risk of downloading ransomware, never download software or media files from unknown websites.
    • Use VPN services on public Wi-Fi networks. Conscious use of public Wi-Fi networks is a sensible protective measure against ransomware.

Ransomware is one of the most dangerous threats to organizations across the world. The security recommendations mentioned in this article allow you to reduce the risk of infection and limit data loss, providing the knowledge to deal with a triple extortion ransomware attack.

— David Silva is an Information Security Consultant at [SAFEWAY]

How can we help?

SAFEWAY is an Information Security consulting company recognized by its clients for offering high value-added solutions through projects that fully meet the needs of the business. In 14 years of experience, we have accumulated several successful projects that have earned us credibility and prominence with our clients, who largely make up the 100 largest companies in Brazil.

Today, through 25 strategic partnerships with global manufacturers and our SOC, SAFEWAY is considered a one-stop shop with the best solutions in technology, processes and people. We have both the technical skills and the experience necessary to assist your company in the process of structuring controls and preparing the environment for the implementation of an ISMS, SGS or SGCN and, consequently, certification of operations, services or companies to the ISO27001, ISO20000 or ISO22301 standards.

To support companies in this process of evaluation and adaptation to the requirements of the LGPD, [SAFEWAY] has in its portfolio of services the Cybersecurity Health Check, whose objective is to carry out a diagnosis of the cybersecurity, information security and data privacy controls implemented in your company, covering the pillars of Processes, People and Technology.

Through the Cybersecurity Health Check, risks associated with information security and privacy in internal processes and activities are identified, and existing and new controls are evaluated according to the size of your organization to increase the level of maturity and compliance, in accordance with good information security practices. If you would like more information, contact one of our experts!