Let's look at how extortionware works, how it compares to ransomware and why the threat of extortionware is likely to continue growing in years to come.
Once access is gained, the victim's data is stolen and analyzed to identify information that can be used against them.
Ransomware is malware that locks and encrypts a victim's digital resources, ranging from select data to the entire computer system, making it inaccessible until a ransom payment is made to the attacker.
Ransomware is usually distributed through an infected attachment or malicious link.
Once ransomware has infected a user's system, cybercriminals search for files containing sensitive data, such as personally identifiable information, financial data and health records.
Extortionware might sound a bit like ransomware, and it is.
Both ransomware and extortionware access and exfiltrate company data, usually with the intent of making money off the company from which it was stolen.
Unlike ransomware, which forces the business to either pay up or lose access to the stolen data, extortionists threaten to publicly release the collected information.
Double extortion ransomware, for example, is when a malicious actor encrypts or locks access to systems and also threatens to release data stolen during the attack.
Most of the risks associated with ransomware can be mitigated by frequent offline data backups.
With backups, businesses can easily restore their encrypted data.
Offline backups prove worthless when cybercriminals threaten to release data, rather than delete it.
This distinction makes extortionware a greater risk to businesses than ransomware.
Despite the risk, ransomware remains far more common than extortionware.
The reason is simple: Hackers can automate the ransomware process, casting a wide victim net, while extortionware calls for a more time-consuming, targeted approach.
Ransomware remains the preferred attack method of cybercriminals because many organizations still don't have proper offline backup procedures.
Once the lure and lucrativeness of ransomware dry up, expect a rapid shift to extortionware.
Ransomware prevention best practices also apply to preventing extortionware.
Victims of ransomware attacks can often avoid paying the ransom by restoring the encrypted files from offline data backups.
With extortionware, prevention is the only way to keep bad actors from obtaining data and the only way an organization can remain unharmed.
This Cyber News was published on www.techtarget.com. Publication date: Thu, 30 May 2024 21:13:05 +0000