Triple Extortion: A New Layer of Cyber Threat

“A little bit of ransomware, a little bit of DDoS extortion, and a whole lot of trouble.” – NETSCOUT

Ransomware as a Service (RaaS) has risen in popularity in recent years. The subscription-based model mimics that of Software as a Service (SaaS) and allows those with no technical knowledge to conduct high-velocity ransomware attacks, a capability previously limited to those with significant coding and computer knowledge. Some RaaS portals don’t even ask for a subscription, merely a percentage of the money gained from the attack, confident that their process will have high success and low discovery rates.

Typical RaaS or ransomware attacks operate on a one- or two-layer model, using data encryption and data theft to bully the victim into handing over the payment. But what happens when a DDoS attack is thrown into the mix?

Ransomware and DDoS have now been combined to form a new triple-layer attack, not only encrypting a network’s files and stealing its data but also completely overrunning it with malicious traffic to add to the pressure on the victim.

Combining these three elements creates an incredibly high-pressure triple-extortion environment for the cybersecurity team dealing with the attack, and ransomware families such as SunCrypt, Avaddon, and Darkside are utilising this new high-power combination to extort millions from underprepared organisations.

Between RaaS users and the known ransomware families, the threat to organisations with inadequate cybersecurity has risen significantly. 2021 has seen a 40% increase in regular weekly attacks, with the education, healthcare, and manufacturing sectors hit the hardest.

Comprehensive cybersecurity is no longer optional, and any organisation with an online presence could fall prey to a cyber-attack. Protecting yourself from the sheer force of triple extortion may feel like a mountainous task, but implementing smart and up-to-date cybersecurity defences will significantly increase your ability to fight off an attack before it overwhelms your network.

Mitigating Triple Extortion

Organisations can begin to mitigate the effects of triple extortion by ensuring they have the means to defend against each element that constitutes the attack. This means having up-to-date protections for general malware and DDoS threats and combining these with employee education and training.

Statistically, 1 in every 3000 emails that make it through malware scans will still contain malicious files, leaving it up to the recipient to be on the watch for potential phishing content. The best method for success is an amalgamation of high-performance automated malware and DDoS protection, and thorough training and engagement from all employees, especially remote workers.

Here at RedSpam we have extensive experience in cyber defence and offer a myriad of services ranging from security to education and everything in between. For a tailored analysis of your network requirements, get in touch with a RedSpam specialist today.