Saturday 04 July 2026 21:24:28 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

WIKICROOK

Single extortion

An extortion model that relies on stolen-data threats without necessarily encrypting systems.

Single extortion is an attack model in which criminals threaten to publish or sell stolen data to force payment, without necessarily encrypting the victim’s systems. The pressure comes from exposure, not from locking files. This makes it different from classic ransomware that both steals data and disables access.

It matters because many organizations can keep operating even when no encryption occurs, which can delay detection and make the threat look less urgent. In practice, single extortion often follows credential theft, cloud compromise, or quiet data exfiltration through VPN, web apps, or admin accounts. Defenders should treat a leak-site claim as a lead to verify, then check authentication logs, outbound transfer activity, privileged access, and data-loss signals. Strong identity controls, segmented access, immutable backups, and monitoring for unusual downloads or uploads all reduce the leverage of this tactic.

← WIKICROOK index