"Double-Extortion Ransomware Attacks Surged in 2020"

During a new study, researchers at F-Secure discovered that double-extortion ransomware attacks exploded in 2020.  The tactic involves threat actors stealing data from organizations in addition to encrypting files. This means that, as well as demanding a ransom to decrypt data, attackers can later threaten to leak the stolen information if an additional payment is not made.  The researchers observed that by the end of 2020, 15 different ransomware families had used this double-extortion approach, which compares to just one in 2019. The researchers also found that nearly 40% of ransomware families discovered last year utilized this ransomware method.  Calvin Gan, a senior manager with F-Secure’s Tactical Defense Unit, stated that organizations with reliable backups and effective restoration procedures are in a solid position to recover from a ransomware attack without having to pay. During the study, the researchers also found many other significant cybersecurity trends that took place in 2020. There was a tripling in the use of Excel formulas to obfuscate malicious code in the second half of 2020. Regarding phishing attacks, the researchers found that the most popular brand spoofed in emails was Outlook, followed by Facebook Inc. and Office365, while web hosting services made up nearly three-quarters of domains used to host phishing pages.

Infosecurity reports: "Double-Extortion Ransomware Attacks Surged in 2020"