Blocking all your systems and placing you in a completely helpless position – this is how cybercriminals gain full control over you. Then, their next goal is to make you voluntarily hand over your funds in exchange for the decryption of your files and the resumption of normal operations.
Usually, the amounts that the attackers demand are insanely high, and that is the reason why the biggest cases gain worldwide attention. The critical importance of the targeted businesses and industries adds even more drama to the equation. For instance, look at the current incidents with Colonial Pipeline and the meat processor JBS, which are eloquent examples of widespread repercussions.
No wonder ransomware is the cyber attack of choice for hackers. After the most recent cases that cost millions, Lindy Cameron, head of the UK’s National Cyber Security Centre, confirms ransomware is beyond doubt the “top cybersecurity threat we face”.
We will walk you through the cyber criminals’ process. However, by the end of the article, we hope you will have an answer to another, more significant question – how to become confident in combating cyber threats that have the potential to lead to extortion?
The Most Common Types of Cyber Extortion
Of course, the most popular blackmail technique is ransomware. Ransomware is a malicious type of software designed to encrypt your valuable digital assets. The creators of this particular kind of malware demand money (most often crypto because it is hard to trace) in order to give the victims the keys for unlocking their computers or servers. Believe it or not, the first ransomware arrived at its target in 1989 on a diskette! Its name was AIDS Version 2 and it was disguised as an innocent office survey. Even more curious is the amount of $189 that the hackers wanted for releasing the infected computer files and functions.
Ransomware has indeed traveled a long road to reach the billion-dollar payoffs cybercriminals manage to receive today. In the last decade, sophisticated new ransomware strains have been developed. To name a few, in 2021, we have Zeppelin, which appears via Word documents, WannaCry, which acts as a worm, and the champion in the ransomware-as-a-service discipline, PureLocker. There are multiple gateways that ransomware can use – emails, downloads, Remote Desktop Protocol (RDP), or simply dangerous links.
Although ransomware is the most effective attack in terms of results, it is not the only one. It is a well-known practice of cybercriminals to distract their victims with other minor obstructions like DoS and DDoS attacks. DoS means denial of service. In this attack, a computer sends a massive amount of traffic to the target’s system and shuts it down. This is an online intrusion that is used to make websites or services unavailable for their users. Alternatively, with DDoS (distributed denial of service) incidents, attacks are distributed from many different locations using multiple systems. Hackers can demand money for stopping the attacks or can merely keep their victims busy while planning a massive and far more destructive ransomware strike. This is also a perfect scenario for delaying the ransomware recipients’ reaction.
Harms and Effects
Cyber extortion happens not only to big and small companies but also to individuals. Anybody can suffer from the encryption of their data. Cybersecurity Ventures magazine predicts that the damage caused by ransomware could cost the world $265 billion by 2031, based on the fact that this type of cybercrime hits both enterprises and consumers at a rate of one attack every few seconds.
When there is blackmail, you have two options: paying or not paying. It is in fact questionable whether paying is legal, and what the correct and least detrimental action is in the event of cyber extortion. However, statistics show that about 70% of companies that fall victim to ransomware have paid. Stakes were high, probably, but in reality, the pay-out was not all that these companies had to sacrifice. They had to cover their business interruption expenses, the restoration of functionality, claims from third parties, and last, but not least, reputational damage.
This is not everything. A lot of cybersecurity experts believe that attackers tend to invest their earnings in developing even more extensive state-of-the-art software. It is also suggested that some hackers sponsor criminal enterprises and terrorist organizations.
A Few Shocking Fresh Examples
- In 2020, Acer suffered a REvil ransomware attack and was asked to pay $50 million – the biggest ransomware attack so far.
- Travelex reportedly paid hackers $2 million in Bitcoin.
- The hacker organization Babuk threatened the NBA that it would release 500 GB of stolen confidential data about the Houston Rockets.
- After the Health Service Executive of Ireland was attacked, sensitive medical information for 520 patients and confidential documents were published online.
The Way Out
The most expensive ransomware events have a global impact, but no global impact is necessary for a cyber attack to ruin your business or your private life. On a larger scale, governments are searching for the best approaches to collaborating with private cybersecurity companies in the battle against cybercriminals. But what can ordinary people do to protect themselves?
Awareness and training are essential for improving the security level of your computer systems. It is highly recommended to educate yourself, your users, and your employees about the cybersecurity basics. Training in data management, password safety, and avoiding cyber threats is also a good idea.
As precious as knowledge can be, it is only the robust foundation to build on. You can obtain all-around protection by following the best security practices of combining technologies, expert assistance, immediate response, and insurance coverage. At Cyber Lev Ins we strive to deliver comprehensive package solutions of a new kind that fit these requirements. Learn more about our products designed to counteract cyber extortion.