• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Project of the Week
  • About Us
    SEARCH
Compliance, IT Infrastructure, Network Security, News

Ransomware Is Now More Than Just Data Encryption

In addition to encrypting your data, cybercriminals are threatening to release sensitive data unless the ransom is paid.

July 20, 2021 Zachary Comeau Leave a Comment

Ransomware
Rawf8/stock.adobe.com

Ransomware continues to be a cybersecurity pandemic as organizations are being forced to either rebuild their systems from scratch or pay six-figure ransoms for a decryption tool from the hackers that might not even work that well.

However, cybercriminals are getting smarter and are adopting new methods and techniques, and having your data held hostage is now the least of your worries, according to cybersecurity experts.

Now, ransomware operators are stealing sensitive data from that compromised network and threatening to leak the contents of that data unless a ransom is paid, which complicates an organization’s efforts to simply wipe the compromised systems clean and restore from backups.

Recent research shows that even when an organization pays a ransom, that operator will attack the same victim again, suggesting that companies need to do more to harden their defenses and prevent network access in the first place.

According to studies, only 57% of ransomware victims get all their data back after paying a ransom, and 80% of organizations that paid a ransom were attacked again.

In case you were wondering, the answer is no, you cannot trust ransomware gangs to leave you alone and give you back all your data after a successful attack.

It’s not just about the encryption anymore

In fact, there are some cases in which ransomware gangs are demanding double payment. The first is to decrypt the data, and the other is so that stolen sensitive data does not wind up somewhere on the internet, said Katie Nickels, director of intelligence at cybersecurity firm Red Canary, during a recent RSA Conference session.

According to Nickels, Maze, one of the more infamous ransomware groups, in 2019 began leaking victim data if victims didn’t pay.

“Since then, unfortunately, may started an unfortunate new trend,” Nickels said. “All of these different ransomware groups have started doing this exfiltration of data, and then extortion.”

According to an April report from ransomware prevention software provider Coveware, the vast majority of ransomware attacks now involve data exfiltration. This allows the attacker to exfiltrate data from the most convenient file server and escalate privileges and deploy ransomware on as many endpoints as possible.

The company’s report found that 77% of ransomware attacks in the first quarter of this year followed that trend, which is up from 70% in the quarter prior.

“This might seem obvious, but there is no honor among thieves,” Nickels said. “These people are criminals — you cannot trust them.”

How you can keep your organization safe from these attacks

  • Basic cybersecurity best practices. This includes not clicking on links in suspicious emails, implementing multi-factor authentication, practicing good password security, keep anti-malware software up to date and deploying email security solutions.
  • Store backup data offline. This is the low-hanging fruit of ransomware mitigation. Store data offline so an attacker can’t access it through the internet, and conduct regular restoration tests.
  • Detection. In addition to looking for signs of encryption and signs of deleted volume shadow copies (a Windows service that creates backup copies of files in the background), organizations should also look for signs of exfiltration.
  • Disable unnecessary file-sharing tools. If a ransomware attacker is successful in penetrating your network, they can use those to exfiltrate your data.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: Backup, Cybersecurity, ransomware

Related Content:

  • Cloud, SASE, Aryaka How the Cloud is Redefining Media Production and…
  • Singlewire Software mass notification interview Singlewire Software on Mass Notification Solutions
  • URI catchbox 1 Catchbox Plus: The Mic Solution That Finally Gave…
  • Engaging virtual meeting with diverse participants discussing creative ideas in a bright office space during daylight hours Diversified Survey: Workplace AV Tech is Falling Short,…

Free downloadable guide you may like:

  • Practical Design Guide for Office SpacesPractical Design Guide for Office Spaces

    Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-face time with co-workers. When designing the office spaces — and meeting spaces in particular — enabling that connection between co-workers is crucial. But introducing the right collaboration technology in meeting spaces can […]

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Contact Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSYour Privacy ChoicesTERMS OF USEPRIVACY POLICY

© 2025 Emerald X, LLC. All rights reserved.