Double extortion 🔴 Attack

Double extortion is a technique used in ransomware attacks, where cybercriminals combine two forms of blackmail to put pressure on the victim:

Data encryption: as in a classic ransomware attack, the victim's files are encrypted, making it impossible to access them without a decryption key that the attackers promise to provide in exchange for a ransom.
Theft and threat of disclosure: before or during encryption, attackers exfiltrate (steal) sensitive data. They then threaten to publish it on the Internet (or sell it) if the victim does not pay the ransom - even if the victim can restore the data via backups.