Posted on: Oct 9, 2024 | 3 mins | Written by: HDFC ERGO Team

Cyber Extortion: What Is It and How to Prevent It?

Cyber extortion

Cyber Extortion is a cybercriminal activity in which the perpetrators threaten the targets, a person or an organisation or entity, to compel them to pay money or release key sensitive information. The most common type of method detected is ransomware attacks, when malware encrypts a victim’s file and requests money in exchange for decryption. To manage such risks, a lot of companies use cyber insurance. Another type of insurance is cyber extortion, which assists in mitigating costs when a crime is committed.

The most common types of cyber extortion

Here is a list of some of the common types of cyber extortion that you need to be aware of:

1. Ransomware attacks

It is a type of computer virus that encrypts a victim's files, containing codes that cannot be understood. The attacker then pressures the organisation to pay a large sum of money, through which the attacker mainly asks for Bitcoin in exchange for the decryption key. If the money is not paid, all the files remain locked, or the attacker may decide to delete them. Such an attacker can focus on a person, a company, or even specific crucial industrial facilities. Such a type of blackmail can result in a rather heavy loss. Thus, many companies purchase cyber insurance to manage such types of risks; however, people have begun to purchase cyber insurance for family as these risks are rapidly developing.

2. Business Email Compromise (BEC)

In BEC scams, the attackers compromise the business’s email system by mimicking its executives or employees to defraud the business. Sometimes, the criminals also attack employees and lure them by clicking and downloading attachments from the mail. E-crimes targeting money are among the most costly and prevalent in the world.

3. Doxxing

It is the unauthorised disclosure of people’s identity by publishing personal details like addresses, phone numbers and private letters. Doxing is utilised by extortionists as a threat or leverage to make the victims give in. They may call for a bribe to stop exposing the information to the public. Such appearance may lead to negative outcomes for the patients, like stalking, credit card fraud, or even violence.

4. Computer Cyber Attacks

These consist of Distributed Denial of Service (DDoS) attacks that entail saturating the targeted online service or network with traffic that results in disruptions or unavailability. It is globally referred to as a botnet. On the other hand, a botnet is a collection of computers infected by a virus and controlled by an attacker. The three categories of DDoS attacks are:

• Volume Based Attacks

• Protocol Attacks

• Application Layer Attacks

5. Data theft and blackmail

In these kinds of attacks, the attackers gain unauthorised access to organisations or individuals’ computers, then steal sensitive data and threaten to disclose or sell the data if the targeted organisation or individual does not pay the attacker. Thus, the threat of releasing information or misuse of stolen data can force victims to do what the criminal wants.

6. Crypto Jacking

It can be defined as a cyber extortion involving the unauthorised use of a victim’s computer and network to generate cryptocurrency. It does not necessarily entail using threats for money; however, the attacker gains as they engage in the improper use of the victim’s resources. Because of this, applications can hog many resources on a system, thereby reducing the system’s performance and energy consumption rate.

Now that we have discussed the most common types of cyber extortion, let’s understand some of the most popular cyber extortion cases worldwide.

Cyber extortion cases

Let’s go through some of the famous case studies of cyber extortion.

1. WannaCry Ransomware Attack(2017)

One of the most notorious cyber extortion incidents, the WannaCry ransomware attack, impacted hundreds of thousands of computers across more than 150 countries. The attackers encrypted data and demanded ransom, primarily in Bitcoin, threatening to release the data if unpaid. The attack targeted systems running outdated versions of Microsoft Windows, causing widespread disruptions, with the UK's National Health Service (NHS) being particularly hard hit.

2. Colonial Pipeline Ransomware attack(2021)

In May 2021, the Colonial Pipeline, responsible for supplying nearly half of the East Coast's fuel, was targeted by a ransomware attack from DarkSide. The attackers encrypted the company's data, demanding a ransom to restore access. The pipeline was shut down for several days, leading to fuel shortages and hikes across the Eastern United States. Colonial Pipeline paid a ransom of 75 Bitcoin( around $4.4 million at the time)to the attackers, although the U.S. Department of Justice later recovered a portion of the ransom.

3. Sony Pictures Hack(2014)

The cybercriminal organisation, “Guardians of Peace”, broke into Sony Picture’s computer system and stole information such as movies, confidential emails and employees’ records. The attackers threatened to attack Sony’s theatres if the company did not cancel the release of an uninhibited comedy depicting the assassination of North Korean leader Kim Jong-un. The group was inflexible and said they would leak the obtained information and launch additional cyberattacks if not paid by the deadline. Sony first postponed the movie’s release, but later on, it was released in digital format.

4. Garmin Ransomware Attack (2020)

A company, Garmin, which specialises in such devices as GPS and wearable technology, experienced a ransomware attack that blocked its services and encrypted its data. It is said that the attackers who conducted the launch belonged to the Russian cybercriminal group Evil Corp, and they wanted a multi-million-dollar ransom. Their services, namely aviation and fitness tracking, remained offline for several days because of the attack.

5. Baltimore Ransomware Attack (2019)

In May 2018, an IT threat actor called RobbinHood locked down Baltimore's systems and demanded 13 Bitcoins, worth $100,000 at the time, for the decryption key. The assault paralysed city functions such as email and payment for several weeks. Baltimore rejected the ransom payment, which was cheaper than the $18 million expenses in the recovery process and the much more lost sales.

There are many cases of cyber extortion, but these are some of the most widely known. Only when you are aware of them can you prevent them.

Measures to Prevent Cyber Extortion

We have previously discussed different kinds of cyber extortion cases. Now, let’s see what measures we can take to prevent cyber extortion.

1. Implement Robust Security Protocols

Ensure all the systems are shielded with recommended and efficient firewalls, antivirus, and security updates. This assists in reducing risks that a particular system might have and which attackers might want to capitalise on.

2. Employee Training and Awareness

In this case, employees should be educated on risks associated with social engineering, such as phishing.

3. Regular Data Backups

It is recommended that crucial data and files be backed up and saved in another location away from the computer, preferably in a safe, fireproof steel cabinet. If a computer is infected with ransomware, the last backed-up data can be restored, and means can be avoided by paying the attackers’ ransom.

4. Cyber Insurance

Ensure you take cyber extortion insurance to cover you in case of an attack. Cyber insurance pays for the expenses incurred when reacting to a cyber attack, with special emphasis on ransom demands, lawyer costs, and the overall repair work.

Combined with purchasing a good and diverse cyber insurance policy, such measures allow for minimising the risk of being targeted by cyber extortion and, in case of successful realisation of the threat, being prepared to react to this action promptly.

FAQs

1. What exactly is cyber extortion?

Cyber extortion is a form of cybercrime in which perpetrators use threats to demand money, goods, or compliance with certain conditions. The threats may include leaking information, interrupting operational activities, or using ransomware to lock data.

2. Where can I find out more about cyber extortion, and where can I obtain help?

Report the event to the local police enforcement and ask for advice. Consult with specialists for incident response and technical assistance. You may get materials and assistance from groups like your local cybersecurity authority or the Cybersecurity and Infrastructure Security Agency (CISA).

3. How can cyber insurance help control or stop cyber extortion?

Cyber insurance offers financial help and protection against cyber extortion attacks. It can compensate for expenditures for recovering lost data, paying ransoms, paying attorneys' fees, and other incident-related charges. By purchasing cyber insurance, businesses may ensure they are more equipped to deal with the financial effects of an attack.

Conclusion

Cyber extortion is fast becoming a common trend in the cyber environment due to the capability to apply force such as ransomware, data compromise, and denial of service to force payment from targets. The effect of cyber extortion truly cuts deep, as it threatens operational and financial security, stakeholders’ reputations, and companies’ capacities. To avoid these risks, there is a need to observe strict security measures at the organisational and personal levels, implement policy and backup, train the employees, and document a clear procedure in case an incident occurs. Moreover, one should acquire cyber insurance for families as it offers critical financial safeguards and assistance in case of an attack.


Disclaimer: The above information is for illustrative purposes only. For more details, please refer to the policy wordings and prospectus before concluding the sales.


RELATED ARTICLES

Understanding Cyber Extortion and Ways to Avoid It

The Rise of Digital Ransom: The dangers of cyber extortion

Cyber Security Insurance: Is it Worth Your Investment?

Everything About Cyber Kidnapping

Emerging Cyber Threats: What You Need to Know in 2024


Blog