What is a Cyber Extortionist?

Cyber extortion includes digital blackmail, where criminals demand ransom to avoid causing harm or disruption, such as data leaks or system shutdowns. This attack strategy becomes executed through ransomware, DDoS attacks, doxing, or sextortion.

Cyber extortionist and ransomware gangs often are the same. Extortionist uses ransomware malware as a tool to inflict damage on their victims. SMS or Smishing, Voicemails, or Vishing also have become tools of the trade for cyber extortionists.

Victims must carefully consider whether to pay the ransom when faced with a cyber extortion attack, as this decision carries practical and ethical considerations. Victims may feel paying the ransom is a quick and cheap way to get back up and running. But it's essential to consider the risks of prolonged downtime, data loss, damage to reputation, and legal consequences. Getting advice from cybersecurity experts and law enforcement is crucial.

How Do Cyber Extortionists Execute Their Attacks?

“Cyber extortionists use threats and attacks to extort money or services from their victims, such as revealing sensitive information or demanding payment for removing malicious software.”

Cyber extortionists, like Ransomware-as-a-Service, often use email phishing as their principal means to lure. Cyber extortion occurs when hackers use ransomware to lock a victim's data and demand payment for its release. This action often involves phishing attacks through email, with threats to expose sensitive information if payment fails.

For example, A St. Louis hospital's computer systems became hacked. The hackers demanded $25,000 or else they will release the medical records.

?A car dealership receives a phishing email with ransomware and threats to lock everyone out of the system during a busy car sale unless the ransom is paid.

Victims must report cyber extortion to the police immediately and secure their data by encrypting important information and changing passwords frequently.

What is the Difference Between Cyber Extortion and Other Cyber Threats?

Cyber extortion often results in a demand for ransom payment. Both hackers and cyber extortion leverage similar tools but for different purposes. Cyber attacks, including DDoS attacks, business email compromise, and identity theft, focus more on service disruptions and digital fraud.

Similar to a cyber attack, cyber extortion becomes executed following these common steps:

Infiltration: The extortion will use standard hacking tools to probe their victim's devices, looking for any vulnerability to exploit. Extortion also uses social engineering to contact its victims. Email phishing methods, including spear phishing, whaling, and double barrel, are standard in a cyber extortion attack.

Execution: During a system infiltration, a cybercriminal may take steps to prepare for cyber extortion or a cyber attack. This attack typically involves installing malware to steal data, turn off systems, or infect multiple devices.

Extortion: Extortion involves cybercriminals threatening victims and demanding ransom payments. Failure to comply may cause cyber attacks, data leaks, or access restrictions.

Doxxing: Doxxing is the act of an individual disclosing sensitive personal information about someone else online, which can include details like their address and financial information.

What is the Cost of Cyber Extortion Attacks?

CISA suggests that a strong cybersecurity insurance market could help prevent cyber extortion incidents by motivating customers to take preventative measures through coverage and premium adjustments based on their level of protection

However, in 2023, there were a record-breaking 4,399 ransomware attacks, resulting in close to $1 billion in extortion payments. These ransom demands significantly increased from the previous years.

What Steps Can People Take to Protect Themselves From a Cyber Extortionist?

Following cybersecurity best practices is essential for all organizations to implement to help safeguard against cyber extortionist attacks.?

• Deploy Advanced email security protection with integrated inbound and outbound data loss prevention and email encryption.
• Deploy anti-virus and anti-malware tools on every device.?
• Always maintain several backups if you need to restore after a ransomware attack.

#ransomware #cybersecurity #attack #CISO #CIO #DLP #Email security #AI #ML #extortion