enafi , the inventor and a leading

This data takes on a new urgency in light of the recent advisory from the UK ’ s National Cyber Security Centre ( NCSC ), Australian Cyber Security Centre ( ACSC ), Federal Bureau of Investigation ( FBI ), National Security Agency ( NSA ) and Cybersecurity and Infrastructure Security Agency ( CISA ) that has detailed the growing risks posed by ransomware .

Extortion tactics mean that ransomware defence strategies focused on data protection are no longer effective . Organisations need a more robust ransomware security programme to protect against these risks .

Double and triple extortion tactics are creating new security challenges for victims of ransomware , regardless of company size . Even after a ransom has been paid , cybercriminals are following through on multiple threats :

• Almost a fifth ( 18 %) of victims paid the ransom but still had their data exposed on the Dark Web .

• Almost one in 10 companies ( 8 %) refused to pay the ransom and the attackers tried to extort their customers .

• More than a third ( 35 %) of victims paid the ransom but were still unable to retrieve their data .

“ Ransomware attacks have become much more dangerous . They have evolved beyond basic security defences and Business Continuity techniques like next-gen antivirus and backups ,” said Kevin Bocek , Vice President of Business Development and Threat intelligence at Venafi . “ Organisations are unprepared to defend against ransomware that exfiltrates data , so they pay the ransom , but this only motivates attackers to target new victims . The bad news is that attackers are following through on extortion threats , even after the ransom has been paid . This means CISOs are under increased pressure because a successful attack is much more likely to create a full-scale service disruption that affects customers .”

When asked about the evolution of extortion in ransomware attacks , 71 % of those polled say that double and triple extortion tactics have grown in popularity over the last 12 months and 65 % agree that these new threats make it much harder to say no to ransom demands .

“ Threat actors are constantly evolving their attacks to make them more potent and it ’ s time for the cybersecurity industry to respond in kind ,” said Bocek . “ Ransomware often evades detection simply because it runs without a trusted machine identity . Using machine identity management to reduce the use of unsigned scripts , increase code signing and restrict the execution of malicious macros are vital to well-rounded ransomware protection .” u intelligent DATA SECURITY www . intelligentciso . com

57