Whenever you think about extortion, what comes to your mind?
Most probably you think about an armed robber robbing a bank or a restaurant.
But what if we tell you there is another type of extortion that happens online?
Yes, it’s true, online extortion is very real and dangerous. In this blog, we will discuss in detail what is cyber extortion and how it works.
As an organization, it is important to learn about this cybersecurity threat and take the necessary precautions against it.
Let’s start with what exactly is online or cyber extortion.
What is Cyber Extortion?
In cyber extortion, your computer is either seized or hacked by some unknown person, whose main motive is to extort or get money out of you.
If you are running an organization, then, in that case, you need to pay some portion of your company’s revenue to the hacker as extortion money.
The attacker threatens to release all your data or take malicious actions using your hacked systems.
Click here for more detail.
How Often Does Cybercrime Happen?
Because of the increase in popularity of the Internet among common people, there is an increase in cyber extortion too.
By ransomware, they steal your sensitive data from your company and then use it against you in return for a hefty amount. Access to that sensitive information is only given back to you after you meet their demands or pay the money.
A fictional cyber extortion example…
Here’s a fictional example of cyber extortion that would help you realize how this scamming process works in real life. For example, let’s say you received an email that says that someone has hacked into your computer and taken control of your view camera. They said that they have seen you watching some movies which are restricted in your country. Now if you do not pay 1000 dollars in 24 hours, then they would inform the police. This is nothing but cyber extortion. If you receive an email like that just spam it and report it to the cybercrime unit.
A Real-Life Cyber Extortion Example…
Now that you have understood from the story written above about how the extortion system works, so let’s talk about a real-life example of such an incident now.
Saudi Arabia’s national oil corporation said on Wednesday that one of its contractors was likely responsible for the business’s exposed data, which is now being utilized in a cyber-extortion effort including a $50 million ransom demand.
Saudi Aramco, the Saudi Arabian Oil Business, notified The Associated Press that it “just became aware of the indirect leak of a small quantity of company data stored by third-party contractors.”
The oil company did not specify which contractor was affected, nor did it clarify whether the contractor was hacked or if the information was released in some other way.
“We certify that the data leak was not caused by a breach of our systems, that it has no influence on our operations, and that the business maintains a strong cybersecurity posture,” Aramco added.
The AP found a page on the darknet claiming the extortionist had 1 terabyte of Aramco data. The darknet is a portion of the internet kept behind an encrypted network and accessible only through specialized anonymity-providing software. 1,000 gigabytes equals a terabyte.
The portal gave Aramco the option to have the data destroyed for $50 million in bitcoin, with a countdown counting down from $5 million, most likely to put pressure on the corporation. Who is behind the cyber ransomware plan is yet unknown.
Aramco has already been the subject of a cyberattack. The so-called Shamoon computer virus, which destroyed hard drives and then flashed a picture of a burning American flag on computer displays, affected the kingdom’s oil behemoth in 2012. Aramco was compelled to shut down its network and destroy over 30,000 machines as a result of the assault.
Later, US officials blamed the strike on Iran, whose nuclear enrichment program had recently been attacked by the Stuxnet virus, which was most likely created by the US and Israel.
Another cyber ransomware swept the kingdom in 2017, disrupting systems at Sadara, a joint venture between Aramco and Dow Chemical Co. in Michigan. Officials warned at the time that it may be a reincarnation of Shamoon.
After trading halted last week for the Muslim holiday of Eid al-Adha, the sliver of Aramco that presently trades openly on Riyadh’s Tadawul stock exchange was at 34.90 riyals per share, or $9.30. This values the corporation at roughly $1.8 trillion, making it one of the most valuable companies in the world.
How to spot Cyber Extortion Scams?
You can spot such kinds of scams only if you come in direct touch with the hacker. Just like the example given above, receiving a suspicious email with links to unknown sites or if you find any sensitive information about your company available online by an unknown website or person, then there is a high possibility that a cyber extortionist is targeting you.
Safety precautions to be taken to reduce cyber ransom attacks:
Having existing safety precautions would help you to protect yourself and your company’s sensitive information and data from online hackers and cyber extortionists.
Hence, now we are going to talk about a few ways through which you can protect yourself and your business against online extortions…
Vigilant Monitoring Of Networking and Systems:
Make sure that you vigilantly monitor all the networks and systems of your business. Through this, you can keep the security of your business up to date and could also solve the vulnerabilities of your system. In this way, your business would become immune to any possible cyber attacks in the future.
Awareness about fraudulent emails:
Do you know which is the most common source through which any criminal, can target you?? It’s Email!
Hence as the CEO of your company your first job is to raise awareness about the different tactics or approaches cyber criminals use via emails to leak sensitive information. This would help your employees to stay alert about any such harmful traps.
Also, make sure that you create some policies about any phishing or suspicious emails that would help your employees understand the protocols to be deployed to counter such threats.
Make sure that you update your company passwords regularly to protect your online information.
To protect your data, make sure that you create unique and longer passwords that aren’t related to any sensitive data or information. Also if cyber extortionists manage to guess your initial password then he or they won’t be able to gain access to your information provided if you update your passwords regularly.
Robust Cyber Security:
Threats of cyber extortion would drastically reduce if your business contains robust cyber security.
Such kind of systems helps your business prepare against any cyber attack.
You can also partner with an IT solution service to develop a robust cyber security plan for your business.
Even though not everyone is a victim of cyberextortion, they are nevertheless in danger. Computer-assisted extortions are diverse, and they may not necessarily take place in front of a computer, but they are always carried out by one. The hackers’ ages range from 12 years old to 67 years old. The hacker may be on the other side of the world from the victim, and they would have no idea they were being hacked. Computer-assisted extortions are an issue in the twenty-first century. Criminals no longer need to steal banks, nor do they need to go outdoors to perpetrate any crime, thanks to advances in technology. On their laps, they have everything they require. Their weapons are no longer firearms; instead, they employ mouse cursors and passwords to attack.
We have mentioned some great tips that you can follow to protect your systems from such extortion attacks.