Shifting resources to the cloud in support of modern hybrid work adds agility and scalability. But for cybersecurity teams, an “anywhere, anytime, any device” workforce means a dramatically expanded attack surface. Threat actors, eager to take advantage, have redoubled their efforts to break through these expanding, hard-to-defend perimeters. Whether the attacks come from nation-states or dedicated criminal gangs, the highest-profile goal of this unauthorized access is ransomware: holding your assets hostage for an easy payoff.

In the past, simple ransomware attacks that locked down a user’s computer or files could often be reversed by a trained professional. Today’s ransomware attacks are much more complex and premeditated, and victims often have little choice but to pay the ransom. In a typical modern attack, hackers breach your security and exfiltrate sensitive data, then encrypt it and offer to provide a decryption key in exchange for a payment (usually in untraceable cryptocurrency).

Even if you had the foresight to back up your data, you’re not off the hook. Threat actors can leak that private data — which can include partner data, customer credit cards and personally identifiable information — unless you pay up. This is known as “double extortion,” and it’s just one example of the ever-evolving complexity of ransomware attacks. With hybrid work here to stay, organizations are struggling with how to provide the seamless access that remote and on-premises workforces need while safeguarding enterprise data from cyberthreats.