Double extortion occurs when the threat actor both encrypts and exports (or exfiltrates) data from the victim’s network. The threat actor demands a ransom both for a key to decrypt data on the network and for a promise they will delete stolen data. The data may then find its way into the dark web for others to leverage.

  • Even if the original threat actor has been paid for data destruction, it is almost impossible to ensure that the information is not accidentally or intentionally shared with other threat actors.
  • This now happens in the majority of extortion incidents, including 2 out of every 3 of the incidents Beazley’s Cyber Services team saw in Q1 of 2022.

Triple extortion occurs when the threat actor encrypts and also threatens to publish exfiltrated data online AND engages in further pressuring of the victim.

  • The attacker may threaten denial of service attacks against the victim’s remaining infrastructure.
  • Threat actors may also review exfiltrated data and threaten to contact any individuals whose details are contained within if the targeted organization doesn’t pay.
quote marks

Data deletion is not guaranteed when you are dealing with multiple threat actors. Where once just one threat actor was involved, now there’s a whole supply chain of different entities coordinating for a single attack, in which everyone gets a cut.

Devon DeFreitas Devon DeFreitasCyber Services Manager
New York

Data presented in this Cyber Services Snapshot is derived from incidents reported to Beazley.

The information set forth in this document is intended as general risk management information. It is made available with the understanding that Beazley does not render legal services or advice. It should not be construed or relied upon as legal advice and is not intended as a substitute for consultation with counsel. Beazley has not examined and/ or had access to any particular circumstances, needs, contracts and/or operations of any party having access to this document. There may be specific issues under applicable law, or related to the particular circumstances of your contracts or operations, for which you may wish the assistance of counsel. Although reasonable care has been taken in preparing the information set forth in this document, Beazley accepts no responsibility for any errors it may contain or for any losses allegedly attributable to this information.