The Rise of Ransomware – Double and Triple Extortion – 2023 Threat Prediction

Double extortion ransomware is an attack where nefarious cyber attackers not only encrypt an organisation’s sensitive data, but also exfiltrate it with the additional threat that the data will be leaked to competitors, clients, or the public. 

This strategy generally creates additional leverage that the cyber attackers use, when pushing the victim for a ransom to be paid.   

It also adds another challenge for cyber defenders to consider because even if an organisation can restore its network via its backups, the problem of data being made public is no trivial matter. We should therefore be focusing not only on preventing ransomware outbreaks but also on detecting and preventing data exfiltration.  

2023 And Beyond

According to security vendor Proofpoint, there was only one recorded case of double extortion in 2019. By early 2021, 77% of ransomware attacks involved threats to leak data. This year, we are seeing reports of triple extortion, where cyber attackers are also requesting payments from individuals within the data sets of the companies they compromised.  

Ransomware attacks are becoming more aggressive and are more damaging to unprepared organisations.  

Our View

Fraudsters have evolved their attack methods and business models with the maturity of the cybercrime industry itself. According to Forbes, by 2023, the damages due to ransomware attacks are expected to increase to $30 billion globally. Preparing for an attack is the first step to tackling this threat. Ensuring that cyber security maturity is at the level required to act as the first line of defence is the key.  

“The ransomware ecosystem will continue to grow, and we expect to see more mature and sophisticated code year after year. Criminal gangs will continue to use phishing attacks as their main weapon against business and personal emails. The delivery model for malicious code would also focus on other collaboration channels widely used within any organisation like Slack, Teams, and One Drive…”

– Arjun Pednekar, CREST Fellowship and CTO of Cognisys.  

Mitigation Advice

  1. Increase security awareness by educating employees about the dangers of phishing attacks via focused security awareness training. Encourage staff to be vigilant. Measure its effectiveness and your readiness via simulated-phishing attacks. 
  2. Keep systems up to date, patched and follow your vendor’s advice and security update feeds.  
  3. Deploy endpoint detection and response software and fine-tune it to reduce noise not related to a genuine attack. 
  4. Keep your backups ready, which should be encrypted and stored in a secure location, with restricted access.

For more information on how to mitigate this threat, get in touch with us at

Subscribe to receive the latest cyber insights


Liaison Group Case Study


How Liaison Group took control of their vulnerabilities

Learn how Liaison Group tamed an extensive vulnerability list with next-gen vulnerability management solutions.

The biggest cyber attacks and vulnerabilities of May 2024


The biggest cyber attacks and vulnerabilities of May 2024

Insights and trends from recent cyber threats and vulnerabilities from May.

Red vs blue team exercises


Red vs blue team exercises

Let’s explore the benefits of red vs blue team exercises and how they can strengthen your organisation’s security posture.