Ransomware attacks involve criminals hacking into a system, then encrypting the owner's data. They take control over the data and manipulate it in any way they can to extort the victim into paying a ransom. Various forms of ransomware are surfacing which each put their own spin on the crime.

Traditional Ransomware

Cybercriminals regularly hack a target, encrypt their data, and hold it hostage. Targets range from individuals to entities of all sizes. The criminals extort their victims by promising to exchange the decryption key for a ransom. Traditional ransomware is still a big deal. It makes national news as pipelines and local governments fall prey.

Double Extortion Ransomware

Victims have become hesitant to pay ransoms. There are a variety of possible reasons. Many organizations recognize the risks of ransomware, and have started properly backing up their data to avoid paying ransoms. Some victims hesitate to pay ransom due to insurance and legal mandates. Others have heard of the times ransoms have been paid, but victims never recovered all their data.

To increase the pressure to pay, cybercriminals created double extortion ransomware. In this, the hacker makes copies of the victim's data before encryption. The hackers then threaten to make the data public, so are more likely to get paid. Alternately, they can extort a second payday if the target already paid the initial ransom.

Double extortion is rapidly rising. It was considered new in 2019. According to Coveware, it was part of 70% of ransomware attacks in the last quarter of 2020.

What Is Triple Extortion Ransomware?

Triple extortion ransomware is the next frontier in cybercrime. It uses stolen data to target people beyond the initial victim. Clients, donors, and other associates become the second wave of targets. This second wave may be extorted to pay ransoms in addition to the ransoms paid by the initial victim. Further, the threat of such extortion may convince the initial victim to pay their ransom.

Who Is At Risk?

Triple extortion is new, but has already affected mental health care providers and big name companies. No one seems to be off limits. Victims of triple extortion are targeted for their connections more than just their cash.

This trend leaves us at Frontline particularly concerned for our clients. Nonprofits have many community connections in the form of their donors. Further, many nonprofits handle other sensitive information. Churches and counseling centers handle private counseling notes. Some service organizations protect victims of crime whose very identities are secret. The list goes on.

What Can You Do?

They say an ounce of prevention is better than a pound of cure. This is certainly true when it comes to ransomware. To prevent falling prey to it…

• Avoid being phished.

• • Check out our blog for some quick tips to help spot a phish.
  • Use phishing awareness training and testing programs to help you recognize tricky phishers.
  • Use strong email security filtration tools to pre-screen your emails.

• Protect your data.

• • Guard passwords and answers to security questions.
  • Enable multifactor authentication.
  • Limit access to sensitive files.
  • Delete old staff and volunteer logins.

• Protect your devices and networks.

• • Update and patch your operating system and software.
  • Use strong endpoint protection, such as next-generation anti-virus.
  • Never use or share unknown USB sticks.
  • Use a VPN if you access public wi-fi.

Can Frontline Help?

Frontline provides services and solutions that help you get and stay secure. Centurion360 solutions  include security assessments to identify strengths and weaknesses in your organization's technology, creation of a strategic plan to resolve discovered weakness, and execution of those plans. Ongoing support is available through partially or fully managed IT services.

ABOUT FRONTLINE TECHNOLOGY LLC

Frontline Technology is one of the only ministry-focused IT companies that is led by pastors and ministry leaders. With over 20 years' experience serving organizations of all sizes, Frontline understands the unique needs, budgets, and technology challenges of nonprofits.

Technology is often perceived as complicated and expensive. Many nonprofits struggle to implement the technology solutions and security needed to drive their mission forward. Frontline Technology helps nonprofits overcome their technology challenges so they can stay focused on their mission.

For nonprofits of every type and size:  We Keep IT Simple