Kleiderman Security

View Original

Cyber Blackmail & Ransom

Kleid Security

Cyber Extortion and Cyberspace 

We all remember movie and detective novel scenes in which blackmail and extortion involved threatening a person that his or her private (and at times inappropriate) images will be published in the local newspaper, bulletin board, or sent to a loved one, thus creating an embarrassing situation.

Let’s fast forward a few years. Today, extortion of the types described still exists but has evolved to blend well with the tools that cyberspace provides criminals looking to carry out these havoc-reeking doings. Cyberspace has created a breeding ground for cyber-oriented ransom/ware and blackmail activities, all targeting the most precious asset of the digital age – data.

Cyber blackmail has taken on multiple forms, all focused on digital assets. The Modus Operandi is: steal the data and threaten exposure or deletion, deny access to digital assets and platforms such as websites and applications until the ransom is paid, thus harming business operations and one of the hacker favorites – encrypt the data and hold it hostage, thus denying access to it. 

New MOs and trends are being created all the time.

In one of the most common cyber ransom scenarios, victims' websites are attacked and knocked offline for around 15 minutes. After their site comes back online, they receive an email from the hacker offering to stop the attack if the victim pays $$$. Another possibly devastating scenario is when the attackers demand payment of thousands of dollars within a week to not only decrypt the data but to prevent it from being deleted forever.

Cyberspace has modernized and commoditized ransom attempts, adapting them to our day and age, the digital era. In the past, blackmailing was at least personal, today criminals and hackers looking to create random chaos can launch and spread cyber extortion campaigns by the dozen and at the click of a button.

So how can we avoid such cyber ransom attacks or at least mitigate the risk as much as possible? Back up your data and verify that your systems can withstand denial of service attacks. In addition, don’t pay the ransom, there’s a high chance that the hackers won’t comply.

Contact us.