• Partners
  • Contact Us
  • Client Support
Coretelligent
  • About
    • Why Choose Coretelligent As Your Managed Service Provider?
    • Core Values
    • Leadership
    • Testimonials
    • Careers
  • Digital Transformation
    • DTS Overview
    • Data Analytics, Data Management, and Business Intelligence Insights
    • Compliant Infrastructure for Life Sciences
    • Workflow Automation
  • Managed IT Services
    • Overview
    • Security & Compliance
    • IT Compliance for Financial Services
    • Comprehensive IT Support
    • IT Planning & Strategy
    • Unified Cloud Management
    • Backup & Disaster Recovery
    • Co-Managed Services
  • Industries
    • Overview
    • Financial Services
    • Life Sciences
    • Professional Services
  • IT Resources
    • Resource Library
    • Blog
    • On-Demand Webinars and Videos
    • Press Releases
    • Media Coverage
  • Contact
  • Search
  • Menu

Insights Articles

Our Information Technology Views and Articles

How is Double Encryption Ransomware Making Double the Trouble for Businesses?

Insights
June 9, 2021

Double Encryption RansomwareIn 2020 ransomware victims paid over $350 million in ransom to cybercriminals—a 311% increase over the prior year—according to a 2021 report from the Ransomware Task Force. And the tactics used by the attackers are ever-evolving, designed to make their attempts more successful and profitable.

While not necessarily new, double encryption ransomware is one tactic that has seen an increase. Previous attempts usually involved cybercriminal groups combining forces for a coordinated attack on an organization. However, this time around, the strategy is different.

What is Double Encryption Ransomware

Double encryption is a variant of double extortion. Many double extortion attempts involve a ransom demand to unlock data, followed by a threat to release sensitive data unless an organization pays a second ransom. The key in both double encryption and double extortion is that there are two distinct ransom attempts.

Recent months have brought about an increase in double encryption ransomware attacks. These attacks have centered around two models.

    1. In the first, a criminal group encrypts an organization’s data and extracts a ransom only for the victim to discover that a different type of malware also encrypts their data. Sometimes, the victim is aware of both encryptions; other times, targets are notified only after paying the ransom for the first encryption.
    2. With the second model, criminals encrypt half of an organization’s data with one type of malware and the remaining data with another malware program. Again, sometimes victims are aware of both encryptions up front; in other cases, they only become aware after paying the first ransom.

A helpful analogy might be thieves returning to the same house because the initial robbery was fruitful, and access to the home was easy enough.

When faced with a ransomware demand, it might be tempting to pay it. Yet, there is no guarantee that the attackers will provide the encryption key—or that they are not also planning to spring another encryption on your organization.

Remember, there is no honor amongst thieves, and cybercriminals will use whatever strategy nets them the most profit. That is why law enforcement recommends that victims do not pay ransoms. Acquiescing to the demands of ransomware extortionists only feeds the fire and escalates the threat to us all.

How to Safeguard Your Organization

Cybersecurity experts recommend implementing a secure offsite backup system as the most effective way for your organization to combat ransomware—double encryption attempt or not. No matter what, a cyberattack will be a disruption to your business. Still, a robust backup system will allow your organization to get up and running without relying on cybercriminals to be trustworthy and incomplete or corrupted data from frequently faulty de-encryption methods. A secure backup system also provides the option for your organization to choose not to comply with the ransom demands, which is, again, the recommended response according to law enforcement.

In considering or evaluating an existing backup system, make sure to utilize the best practices for backup systems:

    • Implement and regularly test your organization’s backup system. Backups are only as effective as your ability to restore from them. A reliable backup system should not be “set it and forget it.”
    • Backups should be securely stored and not accessible via your organization’s network to safeguard them from cybercriminals.
    • Prepare a contingency and restoration plan that can be put into action if the worst happens.

Backup and Disaster Recovery Solution

Coretelligent is a leader in backup and disaster recovery. Our CoreBDR solution provides high-performance, highly secure data protection to maintain business continuity, no matter the source of the data loss—whether natural disaster, accident, or cybercrime.  CoreBDR protects all types of data: including massive, complex, and rapidly growing data sets with unprecedented recovery times, scalability, and security.

To learn more about CoreBDR and our other cybersecurity solutions, reach out to our experts online or call 855.841.5888.

by Jen Wallace
« Fast Fact Friday: First Ransomware AttackPhishing Scam Targets Brokerages with Fake FINRA Credentials »

Latest Insights / Articles

January 9, 2023

What is SOX Compliance & What are the Requirements? (2023 Update)

January 8, 2023

Financial Services Compliance: What to Know in 2023

January 6, 2023

What Is Cyber Insurance Compliance? What You Need to Know

January 4, 2023

What is Cyber Hygiene & Why is it Important? (Best Practices)

Read our Latest Resources
Digital Transformation Case Study

Leveraging Digital Transformation: A Multiphase Case Study

Download Now
Compliant Infrastructure Case Study

Therapeutics Company Benefits from Compliant Infrastructure

Download Now
On-Demand Webinar: Solving Compliance & Cybersecurity for Financial Firms

On-Demand Webinar: Solving Compliance & Cybersecurity for Financial Firms

Download Now

About

  • Why Choose Coretelligent As Your Managed Service Provider?
  • Core Values
  • Leadership
  • Testimonials
  • Partners
  • Careers

Solutions

  • Overview
  • IT Planning & Strategy
  • Comprehensive IT Support
  • Security & Compliance
  • Unified Cloud Management
  • Backup & Disaster Recovery
  • Co-Managed Services
  • Digital Transformation Services

Industries

  • Overview
  • Financial Services
  • Life Sciences
  • Professional Services

Contact

Sales & Support: 1-855-841-5888

Email: info@coretelligent.com

Support Service Center

Let’s Talk

Schedule a no-obligation consultation.

Contact Us Today

Locations

Atlanta

Boston

Chicago

Dallas

Houston

Los Angeles

Maryland

New York

Philadelphia

Portland

San Francisco

Stamford

Tampa

Washington, D.C.

West Palm Beach

Virginia

Follow Us

  • Facebook
  • Twitter
  • LinkedIn

© 2022 Coretelligent. All rights reserved.

Privacy Policy

CCPA Privacy Notice

Scroll to top