Cyber extortion, a malicious practice that leverages technology to extort individuals or organisations, has become an increasingly prevalent threat in the digital age. This insidious tactic often involves cybercriminals gaining unauthorised access to sensitive data, such as financial records, personal information, or intellectual property. Once compromised, these attackers demand a ransom payment to restore access or prevent the release of the stolen data.
Cyber extortionists employ a wide range of tactics. Common methods include ransomware attacks, in which malicious software encrypts files, making them inaccessible until a ransom is paid. Other strategies involve threats of data breaches, reputational damage, or disruption of critical services. This article discusses cyber extortion, its methods, reasons and how to protect yourself.
Table of Contents
What is Cyber Extortion?
The process of cyber extortion, or electronic blackmail, is the process of obtaining pictures, videos, audio recordings, and conversations of a person in which sexual matters and issues are often affected. The offender threatens the person with publishing or leaking their data on social networking sites if the person does not comply with the orders and requests of the cybercriminal negotiating with him.
Types of cyber extortion have become more prevalent than ever, mainly due to the lack of awareness of social media users regarding the ease of hacking and obtaining information through hacking, In addition to the increase in the number of social networking sites and their spread among people and the tendency to use them without addressing The rate of encryption of personal information or the success rate of the application against repeated electronic hacking attempts.
There are always targets for the blackmailer blackmailing the victim, often aiming to obtain money or sexual goals from the victim. This is because the blackmailer accesses the information by penetrating the victim’s accounts through sexual links or sites, or it is possible that he is previously monitoring the person’s accounts and is looking for what he condemns.
Reasons Behind Cyber Extortion
Hackers took advantage of the rapid development of electronic hardware, software, and the Dark Web to facilitate their crimes. In this context, it is possible to indicate in detail the reasons for the increase in cyber extortion as follows:
Software Vulnerabilities
Security vulnerabilities are a common reason behind cyber extortion. They occur during software manufacturing processes, which are not noticed until after a while, as hackers search for these vulnerabilities to control software and hardware and steal their users’ data, blackmailing them as far as possible before they are discovered. These vulnerabilities by manufacturers and fix them.
Leakage of Hacking Tools
Security services develop software to be used in their work. In this context, a piracy group known as (Shadow Brokers) leaked many software designed to penetrate operating systems from the US National Security Agency (NSA) on the dark web, and these leaks were used to prepare generations of ransomware, the most famous of which is the (WannaCry) program.
Social Engineering
Hackers resort to psychological manipulation methods for cyber extortion. They trap users by spreading rumours to obtain information, exploiting users’ attitudes and emotions towards certain issues on social networking pages, stealing identities and dealing with them, and many others to push users to disclose their confidential information, account data, and privacy to blackmail them later.
Digital Currencies
The availability of digital currencies such as Bitcoin and others represented a quantum leap for pirates, as it is difficult to track transactions that take place using digital currencies, in addition to the fact that there are no standards, laws, or even bodies that regulate their work. The multiplicity of types and the significant increase in value made it the perfect choice for many cyber crimes, such as money laundering, suspicious transfers, contraband trade, tax evasion, and cyber extortion.
Hacking Services
There are criminal commercial projects (Cyber-crime businesses) on the dark web in which hacking individuals and gangs offer their hacking software and services. These projects focus on specific strategies in their work, such as conducting fraud operations, stealing identities, cyber extortion, researching and developing malicious tools and software, or stealing it, if possible, targeting services and infrastructure.
Cyber Extortion Patterns
Cyber extortion has evolved into a sophisticated and organised threat. By analysing attack patterns, we can better understand the tactics used by cybercriminals, identify emerging trends and develop more effective prevention and response strategies. This exploration will delve into common patterns observed in cyber extortion attacks, shedding light on the evolving landscape of this dangerous digital crime:
Violating the Privacy of Users
If hackers succeed in penetrating some sites and obtaining visitor and user data, these pirates are quick to threaten to leak the stolen data or sell it on the black market unless those in charge of these sites pay a certain amount of money. This cyber extortion puts them in a critical position: either pay or face the data leak’s consequences. These consequences manifest as a torrent of cases affected users file against them and tarnish their reputation.
Blockchain Attacks
It is a constantly growing list of records called blocks that are interconnected and encrypted so that transactions between parties can be recorded efficiently, securely, and permanently. Hackers seek to steal the blocks’ private keys to access the cryptocurrencies within them or corrupt the records and recorded transactions. The hackers use cyber extortion to force individuals or companies to pay them, or they will wreak havoc.
Targeting Supply Chains
Hackers target companies to spread logic bombs and malicious software, such as Trojans, in their internal networks to disrupt their business. Hackers use cyber extortion to damage the company’s supply chains and open holes in the network. Companies are forced to pay a ransom for the hackers to reveal the locations of defects and gaps they created or exploited.
Threatening Manufacturing Systems
These are systems inside factories that run and manage manufacturing and production processes. Pirates make small and hidden modifications to these systems so that the final product is full of defects and cannot be used. Then, they use cyber extortion to threaten factories to reveal these modifications and their locations. Many parties depend on these systems, such as food and pharmaceutical factories, which are the main targets for this type of attack.
Crisis Management to Control Cyber Extortion
Experts offer a set of recommendations that must be considered when individuals and companies are exposed to cyber extortion. These recommendations include a warning against conducting extensive conversations with the extortionist, as these conversations are often fraught with danger. Communication should aim to gain time until formulating a plan to respond to the crisis, notify the security authorities, or negotiate a lower ransom amount, as the blackmailer constantly looks for additional weaknesses to exploit.
The blackmailer may try to leak the information to pressure the victims and manipulate them to keep communication open. Paying the ransom may seem like the fastest way to solve the problem, but the blackmailer may not really intend to return the data and abandon the systems it controls. They are simply trying to extort as much money as possible for as long as possible.
The motives of the blackmailer may also be represented by a group of factors: ideological, political, and the desire for revenge. These factors will lead to implementing the blackmailer’s threats, destruction, and leakage of what they have, even if their financial demands are met.
Indeed, paying the ransom—in itself—may turn the victim into a target. After using cyber extortion on the victims, hacking gangs communicate with each other through the dark web and publish lists of victims who have paid the money. These lists can attract new hackers who might exercise cyber extortion or other cybercrime against the victims.
Cyber Extortion Methods
There are many methods that the blackmailer uses to commit cyber extortion, and these methods are as follows:
Ransomware
Ransomware is the most common method of cyber extortion. The blackmailer sends an email or a message containing a link to the person who is blackmailing him, and when he clicks on the link, he will hack the device of this person to obtain important information about them, then he will demand huge sums of money in exchange for not publishing this information.
Extortion through communication sites
Here, the blackmailer infiltrates your device or personal accounts on social media, searches for any sensitive information about you, and threatens you to pay in exchange for not publishing any information. The hacker can deceive you by sending a message stating that he has pictures and videos of you, and you must fulfil his desires so he won’t expose you.
Sexual Extortion
In this form of cyber extortion, the blackmailer communicates with the victim through dating sites, luring them to communicate via messages. The criminal then requests photos and disturbing videos of the victim so he can threaten them, or the blackmailer can hack the victim’s devices and get photos and videos through their webcam.
Protection of Individuals
Internet users can protect themselves from the dangers of cyber extortion by constantly updating the operating systems of personal computers and smartphones, updating anti-virus and firewall programs, making backup copies of important data, avoiding visiting strange and suspicious websites, and not opening any links in e-mails of unknown origin.
Experts believe that the best way to protect organisations from cyber extortion is to conduct continuous assessments of information security risks. These assessments ensure that programs and devices are continuously updated. Organisations can also constantly review user privileges to prevent any attempts at unauthorised entry.
In addition to developing training programs for its employees and suppliers to train on dealing with cyber-attacks involving cyber extortion, reviewing and updating response plans to cyber-attacks periodically, and participating and exchanging information in cyber-security forums.
Some institutions have increasingly resorted to insurance companies issuing a cyber liability policy against accidents and cyber-attacks (Cyber Liability Policy), covering losses, data damage, financial losses, and additional expenses. The policy also covers the costs of cyber-attack lawsuits, including cyber extortion.
Which Businesses Are More Vulnerable to Cyber Extortion?
In an era where all businesses rely on networked systems, they are all vulnerable to cyber extortion. Hackers typically target structures with less robust and efficient security or those that manage data with specific features. As a result, small and medium-sized businesses are among the most affected by cyber extortion.
According to Fundera research, 43% of SMEs have experienced a cyber assault, with 60% going out of business in the six months following the incident. In this scenario, we are dealing with infrastructures that cannot afford to have their services disrupted and, hence, pay the ransom to address the problem as quickly as possible.
These organisations are listed as the most affected companies by cyber extortion in the following order:
- Technologies and communications: this sector has seen a significant increase due to the formation of the metaverse. Creating a new socialisation platform has enhanced the options for online trading and, as a result, the opportunities for extortion.
- Finance is another extremely profitable industry since it must secure the personal information of its clients.
- The Energy industry: this industry offers the door to potential terrorist strikes via hacking.
Famous Cyber Extortion Cases
To acquire a better understanding of what a cyber extortion attack is and how it works, consider the following real-world examples:
Nokia
In 2007, hackers stole the encryption key for Nokia’s smartphone operating system, threatening to release it and potentially expose millions of devices to malware. To prevent this, Nokia reportedly paid a ransom of millions of dollars. Finnish media outlet MTV later disclosed the incident, which remained secret for years.
Domino’s
In 2014, the hacker group Rex Mundi targeted the fast food chain Domino’s Pizza, stealing data from 650,000 French and Belgian customer accounts. They demanded a ransom of 30,000 euros, but the company refused to pay. Instead, Domino’s advised customers to change their passwords, ensuring no financial information was compromised.
Code Space
This is one of the few instances of cyber extortion that resulted in a business’s shutdown. The code hosting company was initially targeted via DDoS, and the hackers subsequently took control of the Amazon EC2 control panel. They removed the storage volumes, backups, and system configurations for good. The corporation declined to pay the ransom and attempted unsuccessfully to retake control of its facility.
HBO and Game of Thrones
In particular, HBO has been the victim of cyber extortion attacks for some time, so much so that in the past, the company lost the exclusive rights to four episodes of the famous TV series Game of Thrones due to a hacker attack that allowed hackers to publish the videos online even before the official release by the company. It is no coincidence that for the final finale of Game of Thrones season 8, HBO has decided to turn to different alternatives so as not to be blackmailed by cyber-criminals.
After years of making money with ransomware, malware that blocks PC data asking for a ransom to get the documents back, and after the money generated by computer attacks generated in the context of cyber-espionage, hackers are using a new system to target companies.
We are talking about new cyber extortion methods. In practice, new malware does not just ask for payment to unlock files and passwords. It forces companies to pay to prevent their information or secrets from being published on the Net.
Recently, these viruses that use extortion have hit two large international companies dealing with TV series and streaming content publishing, such as HBO and Netflix. A group of cyber criminals threatened the companies. If they didn’t pay a ransom, their premiere films would end up online before the official release.
How Can a Company Protect Itself from Cyber Extortion?
A corporation must take the following actions according to official data protection guidelines:
Top Management Must Promote Safety Efforts
Managers can promote safety efforts by establishing a culture of cybersecurity awareness. This includes implementing comprehensive security policies, regularly updating protocols, and providing employee training. When leadership prioritises cybersecurity, it ensures accountability, fosters a proactive approach, and strengthens defences against potential cyber extortion threats.
Employee Distraction
Employee distraction is key in many cyber attacks, as inattentive staff may unknowingly click on phishing links or mishandle sensitive data. Companies should invest in thorough cybersecurity training, ensuring employees recognise potential threats and remain vigilant, reducing the risk of falling victim to cyber extortion schemes.
Dedicated Software
Corporations should implement dedicated security software that provides real-time threat monitoring across all company devices. This proactive approach immediately detects suspicious activities, enabling swift responses to potential cyber extortion attempts. Reliable software solutions help safeguard sensitive data, ensuring a stronger defence against evolving cyber threats.
Cloud and Backup Services
Using cloud and backup services ensures data is securely stored offsite, providing an accessible copy even after a cyberattack. This eliminates the need to pay ransom, as critical information can be quickly restored from backups, minimising downtime and protecting against data loss during cyber extortion attempts.
Computer System Protection
Companies must prioritise protecting their computer systems to prevent cyber attacks, as breaches can damage their online and offline reputations. A strong cybersecurity framework safeguards sensitive data and preserves trust with clients, partners, and the public, ensuring long-term business integrity.
IT Security
Investing in IT security safeguards a company’s economic and informational assets from cyber extortion. Businesses protect their operations from costly disruptions and breaches by securing sensitive data, intellectual property, and financial resources. Effective IT security measures help maintain the integrity and confidentiality of corporate assets, ensuring long-term stability.
Individuals, SMEs, and major corporations are all at risk from cyber extortion. Although certain industries are less affected by this issue, appropriate strategies are critical to avoid economic and brand reputation damage.
FAQs
What are the consequences of cyber extortion?
Cyber extortion can have severe consequences, including financial loss, reputational damage, operational disruption, and emotional distress. Victims may also face legal and regulatory consequences.
How can I protect myself from cyber extortion?
To protect yourself from cyber extortion, it’s essential to implement strong cybersecurity measures, educate employees about the risks of cyber threats, and have a plan to respond to extortion attempts.
What should I do if I receive a cyber extortion threat?
If you receive a cyber extortion threat, do not respond to the demands and immediately report the incident to the appropriate authorities. Avoid paying the ransom, as this may encourage further attacks.
What is the role of law enforcement in combating cyber extortion?
Law enforcement agencies are crucial in investigating and prosecuting cyber extortion cases. They can work to identify and apprehend cybercriminals and recover stolen data.