May 12, 2022

‘Double extortion’ – evolving ransomware tactic

Double extortion’ is the term given to an evolving ransomware tactic: first, steal confidential data, then encrypt the victim’s files.


Cybercriminal uses a database encryption attack to extort money but with an additional initial attack to ensure that the backup does not render the attack useless. Before a cybercriminal attack with ransomware, he hacks into the company’s database, extracts as much data as possible, and stores it on its servers. Then, the ransomware attack is launched in the normal way (this means carrying out combined attacks, in which, for example, a DDoS attack is triggered after a ransomware infection).

As the latest research shows the sector of small and medium-sized enterprises is the most exposed to double extortion attacks.


Here are some tips on how to prevent your company from cyberattacks:

👉 Focus on preventive measures: conduct simulation attacks and penetration tests.

👉 Provide regular security awareness training – increase employees’ awareness of possible dangers.

👉 Ensure that security best practices have been implemented across all users.

👉 Increase the security of your corporate e-mail inbox.

👉 Introduce active and up-to-date antivirus software in your organization.

👉 Protection against data leakage.

👉 Good organization of the offline and online backup plan.

👉 Business Continuity Plan in case of an incident.


These are just some of the recommended basic actions. You need to devote more time and attention to properly and, most importantly, effectively securing yourself and your organization.

Do you want to know more? Please contact us at


Magdalena Jaczewska-Hawryluk

Cybersecurity Consultant


Photo: Fili Santillán

Read more:

Back To School – Cyber Guide

If we are discussing cyber security issues, we must admit that a safe child is a safe parent. If you take proper care of your children’s digital safety, you will avoid the risk of data theft, hacking attacks, data leaks to the web, and other dangers that minors are exposed to online. Take care of […]

Holiday cybersecurity with NaviRisk cyber guide

Here are some tips from our cyber risk experts. Read on to enjoy a safe vacation!   We are excited to search for the perfect vacation, trying to provide ourselves and our loved ones with a beautiful time and unforgettable moments. We usually take many precautions when going on vacation. We buy travel insurance, keep […]

Cybertaps for Law Firms

Asked why he’d robbed banks, a notorious American gangster from the Great Depression era famously replied: ‘If they kept money in candy stores, I would rob candy stores.’  Is there any connection between old-style robbers and the plight of modern l law firms? On the surface, not really. After all, what can you steal from […]


NaviRisk Sp. z o.o.

ul. Huculska 5/6
00-730 Warsaw

+48 605 19 11 19


Do you have any questions? Write to us!