What is Extortionware? Cyber Terms Explained

Featuring: Tal Mozes, CEO & Co-Founder, Mitiga

Extortionware in the cloud usually means that an attacker managed to leak or compromise some of your sensitive data and is threatening to release that data, and also show the world by releasing this data that they have managed to compromise your organization and hurt your reputation.

We've also seen different types of extortionware, which involve regulators like the SEC, and attackers threatening to go to the SEC and report that they managed to compromise your data. In these types of cases, it's key to understand, as quickly as possible, which data was compromised, when it was compromised, and where from. Those answers will help the negotiator that will negotiate with the attackers about the price and whether to pay or not, to really understand what that attacker really had - is the data truly sensitive or is it not as important to the organization - and exactly what to report.

Now, usually it takes days or weeks to investigate these kinds of questions. If you have all the logs in advance, they're all already digested, and you have some sort of automation in order to investigate them, you can get some of those answers within minutes or hours to help the negotiator with the negotiation process; and that will put you in a completely different position in that type of incident. 
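As an added illustration of the automated log triage described above (not Mitiga's tooling and not code from the original page), this Python example answers "which data, when, and where from" over pre-collected access logs. The provider, the log shape (constructed records modeled on AWS CloudTrail S3 data events), the bucket names, and the `summarize_reads` helper are all assumptions.

```python
import json
from collections import defaultdict

# Constructed sample: JSON lines shaped like AWS CloudTrail S3 data events (assumed format).
SAMPLE_LOG = """\
{"eventTime":"2024-03-01T02:14:07Z","eventName":"GetObject","sourceIPAddress":"198.51.100.23","userIdentity":{"arn":"arn:aws:iam::111122223333:user/backup-svc"},"requestParameters":{"bucketName":"hr-records","key":"payroll/2023.csv"},"additionalEventData":{"bytesTransferredOut":4200000}}
{"eventTime":"2024-03-01T02:15:40Z","eventName":"GetObject","sourceIPAddress":"198.51.100.23","userIdentity":{"arn":"arn:aws:iam::111122223333:user/backup-svc"},"requestParameters":{"bucketName":"hr-records","key":"contracts/acme.pdf"},"additionalEventData":{"bytesTransferredOut":800000}}
{"eventTime":"2024-03-01T02:16:02Z","eventName":"GetObject","sourceIPAddress":"198.51.100.23","userIdentity":{"arn":"arn:aws:iam::111122223333:user/backup-svc"},"requestParameters":{"bucketName":"public-assets","key":"logo.png"},"additionalEventData":{"bytesTransferredOut":1000}}
{"eventTime":"2024-03-01T09:30:00Z","eventName":"GetObject","sourceIPAddress":"10.0.4.17","userIdentity":{"arn":"arn:aws:iam::111122223333:user/alice"},"requestParameters":{"bucketName":"hr-records","key":"payroll/2023.csv"},"additionalEventData":{"bytesTransferredOut":4200000}}
{"eventTime":"2024-03-01T09:31:
"""

SENSITIVE_BUCKETS = {"hr-records"}  # hypothetical data classification


def summarize_reads(log_text, sensitive=SENSITIVE_BUCKETS):
    """Group sensitive object reads by (principal, source IP): which data, when, where from."""
    summary = defaultdict(lambda: {"objects": set(), "first": None, "last": None, "bytes": 0})
    for line in log_text.splitlines():
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or corrupt records instead of aborting triage
        if not isinstance(ev, dict) or ev.get("eventName") != "GetObject":
            continue
        params = ev.get("requestParameters") or {}
        bucket = params.get("bucketName")
        if bucket not in sensitive:
            continue
        who = (ev.get("userIdentity") or {}).get("arn", "unknown")
        entry = summary[(who, ev.get("sourceIPAddress", "unknown"))]
        entry["objects"].add(f"{bucket}/{params.get('key')}")
        ts = ev.get("eventTime", "")  # ISO 8601 UTC strings sort chronologically
        entry["first"] = ts if entry["first"] is None else min(entry["first"], ts)
        entry["last"] = ts if entry["last"] is None else max(entry["last"], ts)
        entry["bytes"] += (ev.get("additionalEventData") or {}).get("bytesTransferredOut", 0)
    return dict(summary)


if __name__ == "__main__":
    for (who, src), e in summarize_reads(SAMPLE_LOG).items():
        print(who, src, sorted(e["objects"]), e["first"], e["last"], e["bytes"])
```

The per-principal, per-source summary gives the object list, time window, and transfer volume that can be checked against what the attacker claims to hold.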
