
Double extortion threats mean you should be doubling down on your cyber security

Over the last year, we have seen the media report on a number of major UK retailers which have fallen victim to cyber-attacks that have had devastating, long-term consequences for their business.


In most of these cases, double extortion ransomware was used to target these high-profile brands. It is a sophisticated cyber tactic that has reshaped the landscape of these types of attacks in recent years.


And, although these offences have been committed against very large companies, criminals do not discriminate by size. Whether you’re an SME, a sole trader or a global brand, if your systems aren’t robust enough, you are vulnerable.


So, what is double extortion ransomware?

According to the Cyber Security Breaches Survey 2025, an estimated 19,000 companies have already fallen victim to a ransomware attack this year.


Double extortion ransomware is a tactic specifically used by criminals to increase the negative impact they can have, causing significant financial losses, disruption to an organisation’s business continuity and reputational damage.


It is therefore important to understand how it occurs and what you can do to protect against it. As well as stealing your data, the criminal will now also threaten to release it publicly. This gives them another way to pressure the victim into paying a ransom. Although encrypted files may be restored through backups, with double extortion the victim still faces the possibility that the sensitive information will be disclosed to third parties.


How does it work?

The attack begins with the hacker gaining access to the victim’s system. The common approach for this is a phishing email, crafted to trick the recipient into clicking on a link or downloading a malicious file that gives the attacker a way in. Once in, the criminal will move across the network to identify and access as many high-value assets as they can. In the case of double extortion, they will steal any sensitive information such as customer details, financial records or intellectual property.


The stolen assets will then be encrypted, making them inaccessible. This is promptly followed by a demand to pay a ransom in return for the release of the data and a promise not to publish it to any external parties. There is no guarantee they will be true to their word – these are crooks, after all. If the ransom is not paid, the threat will be that the data won’t be returned and will be published or sold, causing further reputational and financial damage.


What should you do?

This is an incredibly stressful and difficult situation for any owner or manager of an SME, as well as those members of staff involved. A worst-case scenario for any business that has been targeted is that it suffers huge financial losses, employees lose their jobs, and it ultimately has to close. It is therefore crucial for everyone working within a company to implement cyber security measures to protect it from becoming a victim of a double extortion ransomware attack in the first instance.


A crucial investment in making your business as robust as it can be is cyber security training, which the WCRC offers. In fact, you could have the most expensive, comprehensive cyber security protection there is, but it will only take one of your employees clicking on a link in a suspicious email for all those cyber security measures to be immediately undermined. Training your team in the importance of cyber safety and how to identify potential risks is key to strengthening your business’s resilience against a successful cyber-attack.


We deliver tailored training sessions designed for those with limited or no cyber knowledge. If your business has 10 or fewer employees, take a look at the option available to you. Larger teams can contact us for a quote.


The WCRC offers free membership that provides support in making improvements to your cyber resilience as well as national guidance, regular cyber updates, resources, practical toolkits, a monthly newsletter and more.


If you’d like to sign up, contact a member of our team and start your journey now.

 

 
 
 



The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for Wales is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for Wales provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for Wales does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for Wales is not responsible for the content of external internet sites that link to this site or which are linked from it.

