Researchers at Check Point have identified a growing trend for a new ransom-ware tactic. In what researchers call “double extortion,” the new tactic involves threat actors adding an additional stage to a ransom-ware attack: prior to encrypting a victim’s database, hackers will extract large quantities of sensitive information, threatening the publication of it unless ransom demands are paid, placing more pressure on victims to meet the demands of threat actors.
To prove the validity of the threat, threat actors leak a small portion of sensitive information to the dark web, dangling intimidation that more is to follow if ransom goes unpaid.
