Extortion is the practice of obtaining something through the force of threats. As with many other forms of criminal activity, it was only a matter of time before cybercriminals found new ways to use it to take advantage of unsuspecting victims. Criminals either steal data or block access to data, or they threaten to go public with secret or embarrassing information, unless the victim gives them what they want.
In recent years, this tactic has grown in popularity because of its ease of execution and potential for significant rewards. As with much of the crime that occurs in the digital world, criminals execute cyber extortion attacks with little fear of repercussion. Often located halfway around the world, they are nearly impossible to identify, let alone prosecute.
Cyber extortion occurs in various forms. Originally, it was mostly a result of Denial of Service (DoS) attacks. Cybercriminals would target a website or email server and demand something of value in return for promising to stop the attacks. In recent years, however, cybercriminals have developed malware referred to as ransomware. Once introduced to a victim’s computer, network, or mobile device, ransomware is designed to encrypt data and allow the attacker to demand something in return for the decryption key.
For example, a manufacturing firm in New England was recently infected with a ransomware referred to as CryptoLocker. This occurred when a sales rep opened an email with a voicemail attachment that appeared to come from the company’s CEO. Later that day the employee tried to access a file on the companies shared drive. When the file was opened, all the text appeared as hieroglyphics with a request for a sum of money in return for the key.
To protect against cyber extortion companies should implement prevention security strategies such as backing up data on a regular basis and educating employees on safe email and web browsing practices. Additionally, because prevention is never 100 percent effective, businesses should create an incident response plan that allows them to more effectively react if an incident does occur.