Ransomware attackers employ quadruple extortion tactics.
getty
Not only is the threat to business from ransomware hackers not going away, but it’s escalating in the most unexpected of ways. A critical July 22 FBI cybersecurity advisory warned IT support not to reset user passwords in light of ongoing Scattered Spider attacks employing what is known as double extortion tactics, where encryption and data theft are employed. Now, newly published threat intelligence has confirmed that threat actors in the ransomware space have upped their game: welcome to quadruple extortion.
Latest Threat Intelligence Report Adds Weight To FBI Ransomware Alerts
Ransomware has come a long way since the first time I encountered it back in the 1980’s when an infected floppy disc ‘encrypted’ my computer and demanded I send a couple of hundred dollars, by snail mail, to an address in Panama. That was about as simple as you could get in terms of the basic encryption used, the delivery mechanism deployed and, of course, the extortion in play for a potential $189 reward. Things have changed, and then some.
The days of just locking down access to your files and hoping you haven’t got a recent backup have long gone, replaced by what is commonly known as a double extortion tactic. This is what the FBI warned of in the Scattered Spider advisory, where the attackers steal your data before encrypting it. A literal double whammy proving twice the leverage to get victims to pay a ransom: don’t pay, and that sensitive data will be published on a data leak site or sold to the highest criminal bidder.
Attackers then upped the extortion ante by throwing DDoS attacks into the threat mix, so-called triple extortion tactics.
The latest Akamai 2025 ransomware trends threat intelligence report warns that ransomware gangs have turned the dial, if not to mythical Spinal Tap levels quite yet, up to four with the introduction of quadruple extortion measures. hese, the report stated, add “the sending of messages to harass business partners, employees, customers, high-level executives, and media to inform them of the breach and pressure the primary victim,” as exemplified by threat actors such as Clop.
“This evolution of tactics has proven effective for ransomware groups,” the Akamai report warned, “resulting in escalated average ransom payments.” It should be noted that double extortion remains the most common of extortion tactics employed by ransomware groups, but you can expect to see increasingly more fuel thrown onto the leverage fire by threat actors no doubt. “A new trend among ransomware groups that are using double and quadruple extortion tactics,” the report stated, “is the use of government regulations as leverage.”
Ransomware hackers are nothing if not willing to evolve and employ new tactics to make it harder for victims not to pay. If you are not already doing so, make sure to take note of ongoing FBI ransomware alerts and accompanying mitigation advice.
