BROADCASTS.com

On this episode of CyberWire-X, we examine double extortion ransomware. The large-scale cyber events of yesterday \u2013 Stuxnet, the Ukraine Power Grid Attack \u2013 were primarily focused on disruption. Cybercriminals soon shifted to ransomware with disruption still the key focus \u2013 and then took things to the next level with Double Extortion Ransomware.\nWhen ransomware first started to take off as the attack method of choice around 2015, the hacker playbook was focused on encrypting data, requesting payment and then handing over the encryption keys. Their methods escalated with Double Extortion, stealing data as well as encrypting it - and threatening to leak data if they don\u2019t receive payment. We\u2019ve seen with ransomware groups like Maze that they will follow through with publishing private information if not paid.\nIn the first part of the show, Rick Howard, the CyberWire\u2019s CSO, Chief Analyst, and Senior Fellow, talks with Wayne Moore, Simply Business' CISO and CyberWire Hash Table member, and, in the second half of the show, the CyberWire's podcast host Dave Bittner talks with Nathan Hunstad, episode sponsor Code42\u2019s Deputy CISO. They discuss how classic ransomware protection such as offsite backups are no longer enough. They explain that Double Extortion means that you need to understand what data has been stolen and weigh the cost of paying with the cost of your data going public.\nLearn more about your ad choices. Visit megaphone.fm/adchoices