The most common form of cyber attack today is also the least spoken about. Ever wondered why?

Here we’ll show the data on these attacks, the reason why cybersecurity companies don’t talk about this, and much more. 

For more information on these types of attacks, visit

The latest ransomware attacks (including Lockbit, AlpHV, and Clop) are focused on stealing data first

In recent years, the cybersecurity landscape has been dominated by a worrying trend: ransomware attacks that prioritize data theft over traditional encryption methods. High-profile ransomware groups such as Lockbit, AlpHV, and Clop have shifted their tactics towards exfiltrating sensitive information from their targets. This approach represents a significant evolution in cybercriminal strategies, underscoring the increasing value of data in the digital age.

Sometimes this doesn’t even involve encryption!

Remarkably, some of these attacks bypass encryption altogether. Instead of locking victims out of their systems, attackers steal sensitive data and threaten its release. This method can be equally, if not more, damaging than traditional ransomware.

The threat of public exposure or the sale of confidential information on the dark web (or directly to competitors) puts immense pressure on victims to comply with ransom demands, often without the telltale signs of encryption-based attacks.

There’s also a much higher chance of this attack being successful, and ransomware operators (including those using Ransomware-as-a-Service or RaaS) much prefer such an attack that involves less moving parts – and less chance of being caught. 

What is your sensitive data worth to you?

This question has never been more pertinent. In an era where data is often considered more valuable than any other resource, the theft of sensitive information can have catastrophic consequences for individuals and organizations alike. The value of your data to cybercriminals can be measured not just in terms of the ransom they demand, but also in the potential long-term reputational damage, legal liabilities, and loss of business that can result from a data breach. Just imagine if the following became public: customer information, internal communications, R&D roadmaps, proprietary information, passwords, and more.

Criminals are using double extortion (encrypt + leak data) and triple extortion (targeting partners/clients of attacked companies)

Cybercriminals are becoming increasingly sophisticated, employing double and even triple extortion tactics. Double extortion involves both encrypting the victim’s data and threatening to leak it if the ransom is not paid. Triple extortion takes this a step further by also targeting the partners and clients of the attacked company, as seen in the case of Tipalti. 

Here, attackers not only encrypted and threatened to leak Tipalti’s data but also threatened to release sensitive information related to high-profile clients like Roblox and Twitch, amplifying the pressure to pay the ransom.

Ransomware gangs even report victims to the SEC for not divulging a breach!

For 2 years, over 83% of successful ransomware attacks use double and triple extortion tactics

Statistics reveal a stark reality: more than 83% of successful ransomware attacks in the past two years have employed double or triple extortion methods. This indicates a clear shift in the tactics of cybercriminals, who are increasingly leveraging the multifaceted value of stolen data to maximize their profits.

Yet cybersecurity vendors like EDR and backup companies aren’t talking about this

Despite the rising tide of encryptionless ransomware attacks, many cybersecurity vendors, particularly those specializing in Endpoint Detection and Response (EDR) and backup solutions, have remained silent on the issue. This silence is concerning, given the gravity and complexity of the threat landscape.

Why? Because their solution will not be able to help you in this case

The silence from some cybersecurity vendors can be attributed to a simple, yet troubling fact: their solutions are not equipped to deal with the nuances of encryptionless ransomware and advanced extortion tactics. Traditional cybersecurity defenses, designed to prevent unauthorized access and restore encrypted data, are often ineffective against these sophisticated attacks that leverage the theft and exposure of sensitive information as their primary weapon.

There is often no encryption that traditionally trips the alarm for these providers. This inconvenient fact is why more people aren’t talking about this, even though the data shows these attacks are the vast majority of cyber incidents today. 

Customers are spending millions of dollars on two years old attacks – that are not relevant!

Organizations are pouring vast amounts of resources into defending against cyber threats that do not represent the cutting edge of cybercriminal activity

This misalignment between defensive strategies and the evolving threat landscape means that many investments may not provide the protection that organizations assume, leaving them vulnerable to the latest tactics employed by attackers.

Get with the program and try ITsMine today

In response to this evolving threat landscape, it’s crucial for organizations to adapt and seek out innovative cybersecurity solutions that can address the specific challenges posed by encryptionless ransomware and advanced extortion tactics. 

ITsMine offers the solution organizations require: focusing on protecting sensitive data and thwarting the efforts of cybercriminals to exploit it. Embracing such forward-thinking solutions is essential for staying one step ahead of cyber threats in today’s digital world.

ITsMine protects you by:

As a Gartner Cool Vendor in Data Security, trust ITsMine to defend you against the most common attacks today. 

Contact ITsMine to learn more now


Encryption-less Ransomware: Best Practices for CISOs to Ensure Protection