Ransomware authors have increasingly gone after the double extortion attacks for the simple reason that this further encourages their victims to pay. When sitting on a treasure trove of sensitive personal information, attackers know that the looming threat of exposing it on hacking forums gives them more leverage to instigate a payment. This all comes of course with an increasing number of businesses paying, further incentivizing attackers to use this extra leverage.
Governmental bodies and public entities are particularly attractive targets for both cybercriminal gangs and nation-state actors, due to the financially lucrative or politically sensitive information they hold. Government minsters, civil servants and anyone else involved in the process of government need to be especially vigilant to phishing emails – which remain the most popular entry vector for ransomware – and the security measures in place need to be the most stringent available, including user training on the risks and tell-tale signs of a phishing attack and email filtration systems.