What is Cyber Extortion?

What is Cyber Extortion?

Cyber extortion is said to use digital means to extort money or data (material gain) from individuals or organizations by threatening to compromise the latter’s critical systems or sensitive information. In simple words, it is a blackmail technique that cyber criminals use after they take or hold some data or information hostage to demand something in return....

How Does Cyber Extortion Work?

Cybercriminals use various methods like phishing emails, malware, etc, to gain unauthorized access to the user’s system and/or network. Once they get access and crawl into the system, they tend to steal data, lock systems, or interrupt operations. They also threaten to release the stolen data publicly and keep systems locked, or cause further damage unless a ransom is paid satisfying their hefty demands. The ransom is usually demanded in cryptocurrency, to avoid leaving trackable clues. Even if the ransom is paid the retrieval of data still depends on the cybercriminals who may not be interested in returning it accordingly....

What Are the Types of Cyber Extortion?

It can be disguised in many forms. There are several other forms that are not addressed much, like, spear phishing, malvertising, website extortion, human hacking, etc....

What are the Terminologies We Use With it?

Cyber Extortionist: The cybercriminal who performs cyber extortion. Data Breach: When any cyber criminal successfully exploits a network or device vulnerability and can now easily access its files and data. Spam: Lots of junk that clogs or slows down the network/device. Email spam means lots of junk email in our inbox....

How to Spot Cyber Extortion?

There can be many signs to notice such an attack. If one can spot it out early then it can be easier to deal with. These factors can be:...

How to Protect Your Business Against Cyber Extortion?

Use strong password policies and implement multi-factor authentication (MFA) for all of your user accounts. Regularly back up your critical and confidential data offline and also ensure that the backups are properly secured and accessible. Keep your operating systems, applications, firewalls, and firmware updated with the latest security patches. Install and maintain reputable antivirus, anti-malware, and intrusion detection software to identify and block potential threats. Segment your network such that critical systems should be on separate networks with restricted access to minimize the impact of a breach if it occurs. Manage access controls to limit access to sensitive data and systems based on the principle of privilege and/or priority. In case your system gets affected then instead of paying the ransom, report the incident to the national cybercrime portal launched by the government of India (only for people residing in India.)...

Real-life Cyber Extortion Example

In 2007, a Finnish television station MTV reported that hackers/crackers had stolen the source code for part of Nokia’s smartphone operating system, Symbian. It was even confirmed by the local police who were investigating the case. It is said that the hacker/cracker had resorted to blackmail, threatening Nokia demanding a multi-million ransom to avoid revealing the key to the public. Had the information been shared, the smartphones could have been affected by malicious cyber attacks too....

Frequently Asked Questions on Cyber Extortion – FAQs

Who is/are vulnerable to cyber extortion attacks?...