What is a triple extortion attack?

Featured image

Share this article

What is a triple extortion attack? - Paubox

Ransomware attacks are one of the most common cybersecurity problems in healthcare. Covered entities face a weekly average of 109 attack attempts per organization

Cybercriminals spend a lot of time attacking healthcare networks in the hopes of financially extorting the organization. This often means that cybercriminals are constantly testing cybersecurity protocols and finding new vulnerabilities to ensure they get payment from their victims.

In the past year, a new threat has emerged from ransomware groups: Triple extortion attacks.  

Read more: HIPAA compliant email

A brief history of extortion attacks

Looking into the past shows how cybercriminals continue to evolve with their attacks as technology develops.

A basic ransomware attack will infiltrate a network and encrypt data rendering it useless. Cybercriminals will only unencrypt the data if the victim pays a ransom.

However, organizations learned to implement a data backup system as part of their business continuity plan. The backup servers contained a copy of a company’s data, which made it smoother to recover and restore the network. 

Read more: Email archiving and HIPAA compliance

Cybercriminals became aware that their ransomware attacks weren’t always effective. They essentially needed a second way to force victims to pay a ransom. Soon they developed the double extortion attack. Before encrypting a network, cybercriminals now made a copy of the data. Then they would threaten to either publicly publish the data or sell protected health information (PHI) on the black market. If the victim paid the ransom, cybercriminals wouldn’t release the information.

A double extortion attack gives cybercriminals more assurance that their victims will most likely pay the ransom since they have access to sensitive data. Even if a covered entity has data backups to restore its network, it still faces the risk of cybercriminals publicly publishing or selling PHI.

What is a triple extortion attack?

The triple extortion attack is an extension of the double extortion attack. While the exact tactic may vary, cybercriminals will target patients or affiliates to demand a ransom or pressure victims to pay.

A triple extortion attack first occurred in October 2020. Vastaamo, a Finnish psychotherapy clinic, had patient data stolen in a ransomware attack.  The cybercriminals then asked patients directly to pay a ransom or face having their therapy session notes published. 

A triple extortion attack may also be designed to harass victims or their associates. Cybercriminals have issued DDoS attacks or phone calls to the victim’s business partners and the media. One report discusses “print bombing” where cybercriminals will take over the organization’s printers and repeatedly print their ransom note. While this doesn’t make the cybercriminals any money, it does pressure victims to pay the ransoms sooner rather than later.

What can healthcare providers do to protect themselves?

Email is the most common method for cybercriminals to infiltrate your system. Over half of all malware infection attempts in 2020 were conducted via email. Covered entities need to send HIPAA compliant email of course, but they also need a robust inbound email security system that blocks spam, viruses, malware, and phishing attacks.

Paubox Email Suite Plus protects your healthcare organization’s inboxes. Our HITRUST CSF certified software automatically encrypts all outbound email and blocks inbound malicious emails from even entering a person’s inbox.

Paubox is dedicated to protecting you from email security threats, which is why we’ve recently launched Zero Trust Email. It adds a layer of authentication to your emails and ensures that emails are genuine. 

You can rest assured that Paubox will always stay committed to protecting your emails from unauthorized access.

Try Paubox Email Suite Plus for FREE today.
Author Photo

About the author

Sara Nguyen

Read more by Sara Nguyen

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022