What characterizes a double extortion attack?

A double extortion attack is characterized by the simultaneous encryption of data along with the exfiltration of that data from the victim’s systems. This tactic is used by cybercriminals to increase pressure on the victim to pay a ransom. Not only is the data locked (encrypted) so that the victim cannot access it, but the attackers also take an additional step by stealing (exfiltrating) sensitive data. This allows them to threaten the victim with public release of the data if the ransom is not paid, thereby increasing the likelihood of receiving payment.

The complexity of double extortion attacks lies in the dual threats posed to the victim: they face immediate data inaccessibility due to encryption, as well as long-term reputational damage from potential data leaks. This method has become more prevalent in ransomware attacks, where the fear of data loss is compounded by the risk of sensitive information being made public.

In contrast, the other choices describe distinct types of attacks or aspects that do not capture the essence of double extortion. For example, data locking without exfiltration would not apply since there is an absence of the additional threat of data leak. Only data exfiltration lacks the accompanying encryption that defines double extortion. Malware spreading to additional systems describes