CFOtech Australia logo
Technology news for Australian CFOs and financial decision-makers
Story image

Pressure points: Ransomware operators run their extortion efforts through a multiplier

By Contributor
Tue 7 Dec 2021

Article by Tecala, manager - cyber security, Murray Mills.

Attackers have doubled the number of techniques simultaneously deployed against victims in a few short months.

It used to be that encrypting files was enough to squeeze a ransom out of a business. 

But as more ransomware victims rely on backups instead of their bank balance to get themselves out of trouble, attackers have also switched tactics in an attempt to improve their chances of being paid.

Recent research shows that threat actors now “employ up to three additional leverage points, in addition to file encryption, to maximise extortion pressure on victims.”

From 2019-2021, ransomware groups increasingly utilised a second form of extortion (aka “double extortion”) in which sensitive data was downloaded and posted on leak sites – sometimes with a countdown timer. If organisations fail to pay in a timely manner, not only is the ransom fee likely to increase, but threat actors will begin leaking sensitive information stolen during the intrusion.

Additional tactics such as Distributed Denial of Service (DDoS) and contacting the organisation’s customers and affiliates have become common in 2021 (aka “triple” or “quadruple” extortion).

Attackers layered additional extortion methods one on top of the other as it became progressively harder to extract a ransom using just one.

Governments and federal cyber security agencies have played a part in making the ‘business’ of ransomware more challenging. Together with insurers, they have seeded the message that paying a ransom is inadvisable as a matter of policy and principle.

One of the reasons it’s inadvisable is that payment is a less reliable way of recovery than wiping everything and restoring from good backups. As one recent survey showed, only one-third of victims pay to get their data back compared to 57% that restore from backup. Of those that do pay, only 8% get all their data back. Those simply aren’t good odds.

The response from attackers has not been to improve the quality of decryption tools but to instead double, triple or quadruple down on their extortion attempts by throwing more and more types of attacks at victims simultaneously in the hope that at least one will wreak the desired havoc.

That multiplier effect has happened relatively quickly.

In May-June of 2021, there were reports of double extortion attacks, comprising ransomware and data exfiltration to ratchet up pressure on target organisations.

Triple and quadruple extortion attempts arrived simultaneously in the past couple of months. As double extortion attempts faltered, criminals started to DDoS victims or call executives and record negotiations for payment, which they could then either leak or use for additional leverage. 

According to research, this “harassment” element also extended beyond company executives to partners, customers, and even tipping media organisations off to compromises. 
In the last month, there have even been references to quintuple extortion attacks starting to crop up. 

Which is all to say that ransomware operators are not going to stop trying multitudes of attacks anytime soon, especially while there remains a one-in-three shot at extracting payment. 

Countering multiple attacks

Beyond maintaining good backups, there are strategies that organisations can deploy to improve their cyber security hygiene and make life more difficult for would-be attackers, no matter how many extortion techniques are thrown at them.

One of these strategies is to adopt managed detection and response (MDR), an all-in-one cyber security service designed to detect, disrupt, and remediate known and unknown cyber threats such as ransomware infections.

With a rapidly evolving threat landscape, and the real possibility of double, triple or quadruple extortion attacks, organisations need confidence that their data and critical assets are secure. 
Since initial access to data exfiltration and deployment of ransomware can unfold in mere hours, CISOs need to re-evaluate their security program, posture, and controls against the backdrop of the heightened risk organisations face from threat actors.

In addition, security operations teams need up-to-date threat detection capabilities and incident
response playbooks to fully respond and remediate ransomware threats. 

MDR, a modern security operations centre capability comprising skilled personnel and sophisticated tooling, is fast becoming the best-practice standard for stopping multiple cyber threats before they can disrupt an organisation or business.

Organisations that are considering their options to bolster their defences against ransomware or multiple extortion attacks are first advised to undertake a detailed security assessment to map out where their operations are most at risk and to create a strategic security roadmap to address the identified risks.

This process will also clarify the extent to which MDR tools and techniques may be effectively deployed to counter the identified risks.

Related stories
Top stories
Story image
Thales on recruitment hunt for next disruptive innovations
"Recruiting new talent is part of Thales's belief in the power of innovation and technological progress to build a safer, greener and more inclusive world."
Story image
Honeywell named Frankston facility services provider
Honeywell has been named the joint facility services provider for Frankston Hospital’s AU$1.1 billion redevelopment.
Story image
BT builds on Equinix partnership with new cloud offering
BT has launched a next-generation cloud connectivity offering extending its global network into strategic carrier-neutral facilities (CNFs) and building on its existing partnership with Equinix.
Story image
Remote Working
RDP attacks on the rise, Kaspersky experts offer advice
"Given that remote work is here to stay, we urge companies to seriously look into securing their remote and hybrid workforce to protect their data."
Story image
Honeywell launches new carbon energy management software for buildings
The new Carbon & Energy Management service allows building owners to track and optimise energy performance against carbon reduction goals, down to a device or asset level.
Story image
Vulnerable APIs costing businesses billions every year
Large companies are particularly vulnerable to the security risks associated with exposed or unprotected APIs as they accelerate digital transformation.  
Story image
Artificial Intelligence
Juniper study reveals top AI trends in APAC region
Juniper's research shows an increase in enterprise artificial intelligence adoption over the last 12 months is yielding tangible benefits to organisations.
Story image
Overcoming hybrid and multi-cloud challenges to drive innovation
Driven by improvements in technology, financial services companies have advanced both internal and external systems and processes, with the likes of digitisation, personalisation and risk management redefining the industry.
Story image
Ericsson and Ciena, Telstra enhance service capacity for Telstra's optical network
Ericsson, Telstra, and Ciena have announced new enhancements to Telstra's Next Generation Optical Network, which will increase the service capacity of Telstra's optical network to 400 GE (Gigabit per Second Ethernet).
The Access Group
Increasing headcount isn't always the best way to grow. A good financial strategy can help solve many issues, and The Access Group shares the secret to success.
Link image
Story image
Macquarie Data Centres
Macquarie deal to pioneer CO2-cutting data centre tech in Australia
Macquarie Data Centres has signed a multi-year deal with ResetData, an Australian first provider using Submer data centre technology. 
Story image
Digital wallets
NFTs are ready to disrupt the ticketing world
The last few months have seen NFTs wielded by digital creators to take ownership over their craft and content. Now other industries are beginning to understand the real-world value that these nifty decentralised tokens can provide.
Story image
How New South Wales state departments achieved cloud migration success
State departments in New South Wales are heading to the cloud to achieve better workflow solutions, and one company is paving the way for their success.
Story image
Enterprise Resource Planning / ERP
Five ways your ERP is letting you down and why its time for a change
Wiise explains while moving to a new system may seem daunting, the truth is that legacy systems could be holding your business back.
Story image
Artificial Intelligence
Accenture shares the benefits of supply chain visibility
It's clear that gaining better visibility into the supply chain will help organisations avoid excess costs, inefficiencies, and complexity to ultimately improve their bottom line.
Story image
Data Protection
Five signs your business is ready to move to the cloud
Many organisations are thinking about moving to the cloud. But what are the signs you are ready, and what are the reasons to move?
Discover the 5 ways your ERP may be letting you down. Is your current system outdated, difficult to manage, and costing you a fortune?
Link image
Story image
Industry-first comprehensive risk-based API security enhances protection
Application Programming Interfaces (APIs) have become a crucial part of operating web and mobile application businesses and are causing significant economic growth in the digital sector.
Story image
Forrester names Talend Leader in enterprise data fabric
Forrester has named Talend a leader among enterprise data fabric providers in the Forrester Wave: Enterprise Data Fabric, Q2 2022 report.
Digital Transformation
Discover the 5 signs your business is ready for a cloud-based ERP. Is your business being left behind as more of your competitors switch to the cloud?
Link image
PwC's Consulting Business and PwC's Indigenous Consulting are proud to play an important role in helping Australian Indigenous Mentoring Experience build IMAGI-NATION, a free online university for marginalised communities around the world.
Link image
Story image
Public Cloud
Public cloud services revenues top $400 billion in 2021
"For the next several years, leading cloud providers will play a critical role in helping enterprises navigate the current storms of disruption."
Story image
New VMware offerings improve cloud infrastructure management
VMware has unveiled VMware vSphere+ and VMware vSAN+ to help organisations bring benefits of the cloud to existing on-prem infrastructure.
Story image
Data ownership
Brands must reclaim trust by empowering data ownership
According to Twilio's new State of Personalisation Report 2022, 62% of consumers expect personalisation from brands, and yet only 40% trust brands to use their data responsibly and keep it safe.
Story image
Four factors to consider when choosing the right job accounting solution
Progressive job-based businesses can achieve success by strengthening their ability to quantify every cost attributable to the delivery of an outcome for a customer.
Story image
Digital Transformation
Google Cloud launches new Digital Accelerator bundles for Aussie SMBs
The new bundles are designed to help Australian small and medium-sized businesses embrace digital transformation and take their businesses online.
Story image
Tech and data’s role in the changing face of compliance
Accenture's study found that 93% of respondents agree or strongly agree new technologies such as AI and cloud make compliance easier.
Story image
Monitors are an excellent incentive for getting employees back
The pandemic has taught us that hybrid working is a lot easier than we would’ve thought, so how can the office be made to feel as comfortable as home? The answer could be staring you in the face right now.
Story image
Four things wholesale distributors need to consider for FY2023
In a post-pandemic world, there are many things for a distribution business to juggle. ERP solutions company Wiise narrows down what companies should focus on.
Story image
Multi Cloud
Cloud is a tool, not a destination
For many years, “cloud” has been thought of as a destination which has led to a misguided strategy that sees an enterprise trying to shift all its applications to a single cloud provider – regardless of the specific needs and nuances of each individual workload.
WSLHD and PwC’s Consulting Business came together to solve through the challenges of COVID-19. A model of care was developed to the NSW Health Agency for Clinical Innovation guidelines with new technology platforms and an entirely new workforce.
Link image
Story image
Survey finds 94% of Australian IT leaders looking at NaaS
Aruba’s latest survey reveals a rising interest in NaaS among Australian technology leaders as they re-evaluate their current infrastructure and network setup.
Story image
Corpay announces new collaboration with Triterras
Corpay and fintech firm Triterras have announced a new collaboration between Corpay’s Cross-Border business and Triterras Inc.    
Story image
Dicker Data
EXCLUSIVE: Why women in IT makes good business sense - Dicker Data
The Federal government wants to bolster female participation in the tech industry to at least 40% by 2030. Here's how one homegrown Australian company has already reached that goal.
Story image
Adobe study finds lack of digital trust and utilisation in Australian Government agencies
New research commissioned by Adobe has revealed a significant lack of digital trust within Australian Government departments, along with the continued underutilisation of key digital processes.
The Access Group
Struggling to understand which transformative technologies will help your business? The Access Group provides a look into key opportunities and impacts for finance.
Link image
Story image
Civil Defence
OutSystems platform chosen as part of ADF contract
"To be included in this project is a reflection of our ability to deliver secure, modern digital outcomes for defence at an incredible pace."
Story image
Martech experts reveal the “buzz” on personalisation
In the digital age, innovative technology must be leveraged to power an efficient and effective relationship marketing strategy.
Project management
Discover the 4 crucial factors for choosing the right job-costing solution. Is your team struggling to cost jobs and keep projects running on budget?
Link image
Story image
How to achieve your monthly recurring revenue goals
Monthly recurring revenue (MRR) is the ultimate goal, the most important issue on which anyone in the IT channel should focus.
Supply chain
Discover the 4 critical priorities for wholesale distribution businesses in FY23. Are you worried about how supply chain issues may affect your business in 2023?
Link image
Story image
How Airwallex helps businesses achieve globalisation success
As markets continue to shift, businesses need to be able to provide the same quality of service for customers regardless of where they are located around the world.
The Access Group
Health and social care organisations are currently under significant financial pressure. Find out how financial transformation can help provide an effective route forward.
Link image
Story image
Tech job moves
Tech job moves - Bitdefender, Cohesity, Fortinet & MODIFI
We round up all job appointments from June 27-30, 2022, in one place to keep you updated with the latest from across the tech industries.