Criminal activity online is subject to a constant arms race as companies and security experts come up against increasingly sophisticated means of attack designed to overcome their efforts. Recently, high-profile cases have exposed a new front in the war: cyber extortion. What is it, why is it so prevalent right now, how can you prevent it?
What is cyber extortion?
If a cybercriminal threatens an organisation with a cyber attack in exchange for data, funds, or any other demand, they are performing cyber extortion. They include:
- Ransomware, where a device is infected with a virus that locks it until a ransom is paid to the attacker controlling the malicious software.
- Cyber blackmail, where networks are entered illicitly and data is stolen, after which attackers ransom this back to the business.
- Database ransom attacks, where databases are hijacked, the data taken, and a ransom note left in its place.
- Denial-of-Service attacks, where hackers stop a business’ site from working by overloading it with requests, demanding a ransom for the attack to end.
According to Malwarebytes’ 2020 State of Malware report, detections of different families of ransomware, such as Ryuk and Sodinokibi have increased by 543% and 820%, respectively, against a general 13% increase in business cyber threats.
And according to Group-IB’s Ransomware Uncovered 2020-2021 report, ransomware attacks increased 150% during that year, resulting in an average of 18 days’ worth of downtime for businesses that were hit.
As businesses have grown increasingly digitised during the pandemic and with workers at home more than ever, they have become more exposed to cybercrime. Add in the growth in untraceable cryptocurrencies which allow hackers to get away with their activities, and we have seen an explosion in cyber extortion activity.
How do you prevent it?
To stop your organisation from falling prey to cyber extortionists, there are three key things you should put in place.
Even with all the preventative measures possible, cyber extortionists may still find a way through to your business. To create a robust last line of defence, putting cyber insurance in place can be a good way to guard against the cost of ransoms, and the business or reputational damage that can result.
Create a strategy
All types of cyber extortion should be covered by an encompassing strategy. You must decide and put into place how you wish to best store, back up, and encrypt your data, utilising expert help in finding the right solution for your business and its activities.
Communicate with your staff and train your IT
Your staff and IT team are the first line of defence – or main source of risk – when it comes to cyber extortion threats. By training them and ensuring they can properly manage data and identify threats, you can shore up your defences.