Double-Extortion
Data Exfiltration — Enterprise Data Theft & Extortion Technique
Data exfiltration is the unauthorized transfer of data from a compromised environment. This SECMONS record explains common exfiltration patterns, its role in ransomware operations, and defensive containment strategies.
Ransomware — Malware That Encrypts or Extorts for Financial Gain
Ransomware is a type of malicious software that encrypts data or threatens publication to extort payment from victims. This SECMONS glossary entry explains how ransomware operates, common attack stages, and why modern ransomware campaigns combine encryption with data exfiltration.
LockBit — Ransomware-as-a-Service Ecosystem & Operational Profile
LockBit is a ransomware-as-a-service (RaaS) ecosystem responsible for widespread double-extortion campaigns targeting enterprise, government, and critical infrastructure organizations. This profile provides structured analysis of LockBit’s operational model, techniques, and defensive implications.
Ryuk — Targeted Ransomware Associated with Enterprise Intrusions
Ryuk is a targeted ransomware strain publicly associated with high-impact enterprise intrusions, often deployed following credential theft and lateral movement. This SECMONS profile provides structured analysis of Ryuk’s operational patterns, ecosystem relationships, and defensive implications.