In early 2020, the COVID-19 pandemic took the world by storm. Just as quickly as the virus began to spread, organizations were forced to act and adapt to a new style of work. As companies rapidly moved to the cloud to support a digital workforce, they were tasked with securing remote workloads, deploying new tools across global teams within days or weeks, and simultaneously ensuring the data is protected from a variety of threats. Unfortunately, this was unchartered territory for many businesses. Cybercriminals took notice and an unprecedented amount of cyberattacks followed shortly after.
As the headlines showed, ransomware continued to be the weapon of choice in 2020, and extortionware is on the rise. While ransomware has become a tried and true method at this point, extortionware tactics are raising the stakes by threatening to expose sensitive information if the ransom is not paid. Arguably, The Maze Ransomware Group became the most notorious cybercriminal group for using extortion type methods in 2020. If companies refused to pay Maze’s ransom fees, these hackers expose their data online through continuous data leaks that make it next to impossible to know when they would stop. Therefore a significant concern has to be the monitoring of exfiltration of data.