Extortion only – no encryption

Ransomware is known for encrypting your data then demanding money for the key to recover your information (probably).

Then ransomware moved on to not only encrypting but stealing your information and then extorting another ransom from you to not release or sell your information.

Now there is ransomware that skips the encryption and goes straight to extortion.

BianLian ransomware gang shifts focus to pure data extortion (bleepingcomputer.com)

Why?

A comprehensive back-up is a great defence for encryption ransomware as is the discovery of an encryption key that will release your information.

However many organisations do not protect privileged roles and even more do not classify their information and then restrict access, or encrypt files based on the “principle of least privilege”. This makes stealing valuable information easier and more profitable.

This week’s articles on CyberAwake on Tuesday and Thursday will be looking at some steps that will mitigate this type of risk.

Clive Catton MSc (Cyber Security) – by-line and other articles

phishing emails
Cyber Security Experts | Awareness | Training (cyberawake.co.uk)