Ransomware is a type of malware that encrypts a victim's computer files.The attacker demands money from the victim to restore his computer back to normal. The attacker is  sending instructions on how to pay the fee to get the description key for the restoration process.The costs for the description key can range from a few hundred dollars to thousands, payable to cybercriminals in Crypto currency.

Now the cybercriminals who specialized in ransomware have more lethal and they have already been using double extortion tactics which is now they threaten to leak the private data to the public.

Image by brightlineit

The number of organizations affected by ransomware so far this year has significantly increased, compared with the previous year.For all of 2020, ransomware cost businesses worldwide around $20 billion.The healthcare sector has been getting the highest volume of ransomware attacks with around 109 per organization each week. The utilities sector has 59 attacks per organization per week. The insurance and legal sector have been attacked 34 times each week.

The double extortion tactic is extremely popular and profitable among ransomware attackers. Last year, more than 1,000 companies found that their data had been leaked publicly after they refused to cave into the attackers demands. Over that time, the average ransom payment jumped by 171% to around $310,000.

But the tactic that started after the end of 2020 and has continued into 2021, is triple extortion,which means the attacker sends demands not only to the attacked organization but to other third parties that would be hurt by the leaked data.

In one incident from last October, 40,000-patient Finnish psychotherapy clinic Vastaamo was hit by a breach that led to the theft of patient data and a ransomware attack. As expected, the attackers demanded a healthy sum of ransom from the clinic. They also emailed the patients directly, demanding smaller sums of money or else they would leak their therapist session notes. Due to the breach and the financial damage, Vastaamo was forced to declare bankruptcy and ultimately shut down its business.

"Third-party victims, such as company clients, external colleagues and service providers, are heavily influenced and damaged by data breaches caused by these ransomware attacks, even if their network resources are not targeted directly," Check Point said in its report. "Whether further ransom is demanded from them or not, they are powerless in the face of such a threat and have a lot to lose should the incident take a wrong turn. Such victims are a natural target for extortion and might be on the ransomware groups' radar from now on."