May 12, 2022
‘Double extortion’ – evolving ransomware tactic
Double extortion’ is the term given to an evolving ransomware tactic: first, steal confidential data, then encrypt the victim’s files.
Cybercriminal uses a database encryption attack to extort money but with an additional initial attack to ensure that the backup does not render the attack useless. Before a cybercriminal attack with ransomware, he hacks into the company’s database, extracts as much data as possible, and stores it on its servers. Then, the ransomware attack is launched in the normal way (this means carrying out combined attacks, in which, for example, a DDoS attack is triggered after a ransomware infection).
As the latest research shows the sector of small and medium-sized enterprises is the most exposed to double extortion attacks.
Here are some tips on how to prevent your company from cyberattacks:
๐ Focus on preventive measures: conduct simulation attacks and penetration tests.
๐ Provide regular security awareness training – increase employees’ awareness of possible dangers.
๐ Ensure that security best practices have been implemented across all users.
๐ Increase the security of your corporate e-mail inbox.
๐ Introduce active and up-to-date antivirus software in your organization.
๐ Protection against data leakage.
๐ Good organization of the offline and online backup plan.
๐ Business Continuity Plan in case of an incident.
These are just some of the recommended basic actions. You need to devote more time and attention to properly and, most importantly, effectively securing yourself and your organization.
Do you want to know more? Please contact us at info@wearenavirisk.com
Magdalena Jaczewska-Hawryluk
Cybersecurity Consultant
Photo: Fili Santillรกn
Read more:
October 23, 2024
NaviRisk’s Comprehensive Due Diligence for Business Partners in Far East
Companies are increasingly operating across borders, thus the complexity and scope of potential risks have grown. NaviRisk gives them a comprehensive background screening of potential business partners. One of the most critical applications of international, multi-juridical investigations is in the vetting process of potential business partners. Ensuring a business associate’s credibility and ethical standing has […]
September 13, 2024
One-stop whistleblower system from NaviRisk
Starting September 25, the provisions of the “Law on the Protection of Whistleblowers” go into effect in Poland. If your company has more than 50 employees, you have little time to implement the new regulations and choose a tool for receiving notifications! Our team in NaviRisk offers a simple and cost-effective technology solution that will […]
August 22, 2024
OSINT Passport: Comprehensive Digital Footprint Analysis of Your Organization
In today’s world, where the volume of data in the digital space is growing exponentially, open sources are crucial for more than just information. They also represent potential backdoors for data leaks, the creation of compromising materials, and the acquisition of a comprehensive picture of individuals or companies. NaviRisk offers a complete overview of an […]