You’ve probably seen the phrase “double extortion” in the coverage of this week’s ransomware attack on Mackay Sugar, reported by SecurityWeek. It’s worth understanding, because it’s now the default ransomware playbook. Double extortion is a two-step shakedown: attackers first copy your data out of the network (the “exfiltration” step), then encrypt it so you can’t use it. You get hit twice — locked out of your systems, and threatened with having your data dumped publicly unless you pay.
Why does this matter right now? For years the standard advice was simple: keep good backups and ransomware can’t really hurt you — just wipe and restore. Double extortion breaks that logic. Even with perfect backups, the attackers still hold a copy of your data and can publish it. For an Australian business that’s not just downtime; it’s customer records, staff details and financials on a leak site, plus Privacy Act and Notifiable Data Breaches reporting on top. The Gentlemen, the group behind the Mackay Sugar attack, run exactly this model and have listed more than 500 victims.
The practical takeaway: backups are still essential, but they’re no longer enough on their own. You also have to stop data leaving in the first place — strong multi-factor authentication, tight access controls, monitoring that flags unusual data transfers, and knowing what sensitive information you hold and where. Think of a backup as a spare key for when you’re locked out of the house. It does nothing if the burglar has already photographed everything inside.
If you’re not sure where your data could walk out the door, a cybersecurity review from All IT Services is a sensible place to start.
Related Guide
Cybersecurity for Sydney SMBs
Explore our complete guide to protecting your business from cyber threats.
