Double-Extortion

Data exfiltration is the unauthorized transfer of data from a compromised environment. This SECMONS record explains common exfiltration patterns, its role in ransomware operations, and defensive containment strategies.

Ransomware is a type of malicious software that encrypts data or threatens publication to extort payment from victims. This SECMONS glossary entry explains how ransomware operates, common attack stages, and why modern ransomware campaigns combine encryption with data exfiltration.

LockBit is a ransomware-as-a-service (RaaS) ecosystem responsible for widespread double-extortion campaigns targeting enterprise, government, and critical infrastructure organizations. This profile provides structured analysis of LockBit’s operational model, techniques, and defensive implications.

Ryuk is a targeted ransomware strain publicly associated with high-impact enterprise intrusions, often deployed following credential theft and lateral movement. This SECMONS profile provides structured analysis of Ryuk’s operational patterns, ecosystem relationships, and defensive implications.