Imagine waking up to find that your personal files, business data, or even social media accounts are locked, and the only way to regain access is to pay a ransom – that is cyber extortion.
As technology advances, cybercriminals are finding new ways to target people and businesses. Losing access to important files or having private data exposed can be stressful and costly.
Discussed in this article is the meaning of cyber extortion, how it works, and steps you can take to protect yourself.
Cyber extortion involves the blackmailing of an individual or organization by threatening to release sensitive data or launch a cyberattack.
Cybercriminals usually reach out after gaining access to their victim’s data, whether it’s their personal photographs in cloud storage or sensitive business information. They then threaten to disclose, delete, or manipulate this data unless the victim pays a ransom.
According to proofpoint.com, Cyber extortion operates in a particular manner that varies based on the tactics, techniques, and procedures employed by the threat actors. However, below are the steps that typically characterize the process.
Cyber extortion begins with the initial compromise of a victim’s network, system, or data, usually achieved through various infiltration methods.
Cybercriminals may use phishing techniques to trick victims into installing malicious software or disclosing sensitive information. They may also exploit vulnerabilities in an organization’s software, hardware, or human factors to gain unauthorized access.
Once inside a system, the attackers often install malware, such as ransomware, which encrypts the victim’s data.
Some malware is designed to spread throughout the network, infecting as many devices and systems as possible to maximize the impact.
With control of the victim’s systems or data, the cybercriminals then make their move.
In a ransomware attack, victims realize their data has been encrypted, and they can no longer access it. Then they receive a ransom note demanding payment (usually in a cryptocurrency like Bitcoin) for the decryption key.
If the victims choose to pay the ransom (which is generally not advised by law enforcement agencies as it fuels the criminal enterprise), the attackers should provide the means to recover the data or restore the systems. However, there’s no guarantee that cybercriminals will keep their end of the bargain.
In many cases, attackers maintain a presence within the victim’s system for potential future attacks or to steal more data to sell or use for other malicious purposes.
READ ALSO: Nearly 40% of Nigerian SMEs Pay Ransom to Cybercriminals
According to fortinet.com, below are the common types of cyber extortion.
One of the most common cyber extortion examples is ransomware.
During a ransomware attack, a hacker breaches your network and hijacks your data, or other critical element of your network and demands that you pay them money, typically in cryptocurrency, before they allow you to access your digital assets again.
Another common form of cyber extortion involves a DDoS attack, in which a cyber extortionist sends a huge number of requests to your web server, giving it too many to handle. As a result, your website ceases to function properly to the point it can no longer serve legitimate visitors.
An unauthorised party has stolen files from a compromised computer (end-user or server) via cyber attack. The hacker demands payment for secure return of the data and/or guarantees that it will be removed from their repositories. This attack is also sometimes called “data kidnapping.”
With email-based cyber extortion, the hacker sends you an email threatening to release private information over social media to family and friends unless you pay a ransom.
In some cases, the criminal may be bluffing, that is, they may not have anything embarrassing or disturbing to send. In other situations, they may have illegally obtained sensitive emails, text messages, pictures, or videos.
READ ALSO: Cybersecurity: How to protect your files from Ransomware attack
To protect yourself and business from cyber extortion, do the following:
You should backup your files and data regularly as this helps you have the latest version of your documents to keep running your operations smoothly even in instances where your files or data get attacked.
Knowing which data is essential to your day to day operations gives you a better idea of the assets you need to protect.
Having these cybersecurity applications help shield your system from malware that hackers use to execute attacks.
For individuals with businesses, it is essential that you perform background checks on all your employees to ensure that none has been involved in digital fraud in the past or has tendency to do so in future.
Endeavour to educate your employees on phishing, the types such as whale phishing, spear phishing, and how to avoid it.
Phishing is when hackers attempt to fool victims into divulging sensitive information. Whale phishing targets people in powerful positions, and spear phishing focuses on specific people or groups of employees.
Always update your software with security patches whenever they are available.
Ensure to use intrusion detection technology and your choice of this detection solution should be one that sends timely alerts to all concerned individuals.
As a business owner or a private individual, you should ensure that not everyone has access to your network. If an individual or employee does not need access to a particular segment of your network, they should not be able to access it.
Access to a cyber insurance policy helps cushion your organization from the financial fallout that usually follows a cyber attack.
It is important that you always have the most recent cybersecurity technology in order to prevent cyber extortion or attacks.
Cyber extortion is a serious threat, but you don’t have to be a victim. The key is to stay informed and prepared because prevention is always better than paying the price.
"If we have that, then we will be able to use the instrumentality of that…
Ebonyi State Commissioner for Works, Mr Lebechi Mbam, has noted that Governor Francis Nwifuru has…
Investing is one of the best ways to grow your money, but it also comes…
“Even the best-performing primary health centres are stretched thin. More well-equipped facilities are needed at…
Alausa highlighted various efforts of the current administration of President Bola Ahmed Tinubu to address…
In Nigeria, survival isn't just about strength or luck, it's about being street-smart. With a…
This website uses cookies.