Ransomware + Data Exfiltration Makes Any Breach Worse

Ransomware + Data Exfiltration Makes Any Breach Worse
Ransomware + Data Exfiltration

What’s worse than ransomware? It’s Ransomware + Data Exfiltration. Because not only is your data is encrypted so you can’t use it, the same data will be used to pressure you into paying them...even if you have a good backup.

As the history of cyber security unfolds, we’re seeing that the after-effects of any cyber security event gets worse over time. Now what we’re seeing is that the threat of Ransomware just got much worse with the advent of Data Exfiltration. In a typical ransomware breach, your data is locked up so that you can’t access it, grinding your business to a halt. And that’s bad enough. But Data Exfiltration makes your situation potentially much, much worse.

What Is Data Exfiltration

We all know the word “infiltration,” which means to enter or gain access to something. Exfiltration is to withdraw or remove something from somewhere...usually in a secretive way. So “Data Exfiltration” means to move your data off of your computer network and onto the hackers.

So now, your proprietary data is not only locked on your own network, but now there is a copy somewhere else that you cannot control. Because they have the key to unlock your data -- the key they want you to pay for -- they have access to all of your data, and they aren’t afraid to use it.

Data Exfiltration + Ransomware

Data Exfiltration is actually nothing new. People have been walking out of businesses with copies of financial records, customer lists, and proprietary business information for decades. The difference here is that it’s now combined with a Ransomware Attack. So while a conventional data exfiltration breach usually leaves the original data in place, the Data Exfiltration + Ransomware makes that original data unusable.

And now that the data has been transferred out of your company, very bad things can happen. According to Security Boulevard, a single data record from the breach data may be posted on a public site in order to prove that the breach and the exfiltration were real.

Non-payment of the ransom apparently makes the hackers very angry. In order to encourage other Ransomware + Data Exfiltration victims to pay, the hackers will put up a “public shaming” website that will make the breach public. KrebsOnSecurity quotes one such site as saying:

Represented here companies dont [sic] wish to cooperate with us, and trying to hide our successful attack on their resources,” the site explains in broken English. “Wait for their databases and private papers here. Follow the news!”, thus shaming the company.

Data Recovery is Only Half The Battle

So assuming that you have good backups and can restore your data, your company might be able to resume operations. But if you had a thought to not disclose your data breach to the proper authorities, customers, vendors, patients or others whose data might be included in the breach, think again.

The public disclosure of your breach on the shaming site will reveal to the world what has happened. And now, not only do you have to deal with the effects of the initial Ransomware + Data Exfiltration breach, you now have to deal with the effects of not disclosing the data, which might include criminal penalties.

How To Deal With a Ransomware + Data Exfiltration Breach

So the only way to deal with a Ransomware and data exfiltration event is to avoid it in the first place. And while no security technique can be guaranteed to be 100% effective, there are some techniques that are far, far more effective at preventing ransomware and other malware than what you are probably doing right now in your company.

That is why Digital Uppercut has a unique suite of security tools and processes that we can safely back with a million dollar Ransomware Guarantee. Our Business Protection Toolkit includes:

  • Web Filtering -- Blocks damage from known-bad sites
  • Email Filtering -- Emails filtered, links wrapped and attachments sandboxed
  • Advanced Endpoint Protection -- Stops known and unknown threats in their tracks
  • File and Folder Level Encryption -- More secure than the standard whole-disk encryption
  • Patch Management -- To keep your software updated to patch known vulnerabilities
  • Offsite Backup -- Productivity backups of your productivity data to the cloud
  • Awareness Training -- Your entire staff will be able to identify and prevent malware
  • Advanced Identity Monitoring
  • An SIEM to continuously monitor your security logs in real-time
  • A Security Operations Center -- Our Team of Experts continually watching over your network security.

Contact Digital Uppercut

Ransomware + Data Exfiltration is perhaps one of the scariest things we have ever reported on, and with good reason: There is no coming back from a Data Exfiltration episode. Even if you pay, there is no assurance that your data is safe or secure, or that the breach will not be made public. To help keep your company safe, let’s talk. The work we do for every client is different and customized to their needs. Contact us online or call us at 818-913-1335.