Cyber Extortion

Cyber extortion is an internet crime in which a person’s electronic files, business data, or sensitive private data are held hostage until a ransom is paid.

What is cyber-crime?

Cybercrime is any type of criminal activity that takes place digitally. It either targets or uses a computer, a computer network, or a networked device. Data theft, for example, is one of the most common types of cybercrime. Cybercrime is mostly committed by cybercriminals or hackers who are looking to make money. These cybercriminals can be individuals or organizations. Very rarely does cybercrime aim to damage computers for reasons other than profit; these reasons could be political.

Experts estimate that cybercrime damages will reach $6 trillion annually by 2021[1].

Most cybercrime falls into two categories: crimes that target computers and crimes that use computers to commit other crimes. Cybercrime that targets computers involves viruses and other types of malware. Cybercriminals may infect computers with viruses and malware to damage devices, to stop them from working completely, or to delete or steal data. A Denial of Service (DoS) attack is one that stops users from using a machine or network, or prevents a business from providing a software service to its customers. Cybercrime that uses computers to commit other crimes can involve using computers or networks to spread illegal information, illegal images, or malicious software. Sometimes cybercriminals conduct both categories of cybercrime at once: they may target a computer with a virus first and then use it to spread malicious software to other computers or machines throughout a network. Cybercriminals may also carry out a Distributed Denial of Service (DDoS) attack, which is similar to a DoS attack except that the cybercriminals use several compromised computers to carry it out.

Examples of Cybercrime

Cybercriminals can range from individuals to criminal organizations to state-sponsored actors. These are some examples of cybercrime:

Malware: Viruses infect computer systems. They destroy files, interfere with overall functionality, and then replicate themselves to jump to other devices and systems. Viruses are a form of malicious software, or malware, which is any code or program written and distributed to do damage, steal data, or make money. This includes ransomware, which locks up a person’s files until they pay a ransom to unlock them, and adware, which spams a person with ads. A computer that has been compromised by malware can be used by cybercriminals for several purposes: they could steal confidential data, use the computer to carry out other kinds of criminal acts, or cause damage to the data.

Phishing: Cybercriminals use spam emails or other forms of communication to bait victims into giving out their personal information or into undermining their own security or the security of the organization that they work for.

Pharming: This uses malware to reroute internet users to fake versions of websites, where they unknowingly enter their personal details.

Distributed DoS Attacks: Cybercriminals use Distributed DoS attacks to bring down a system or network. A Distributed Denial of Service attack uses a standard communication protocol to spam the system with connection requests until the system is overwhelmed.

Keylogging: This spyware secretly logs everything a person types and captures all their personal information in the process.

Cyberbullying: This refers to all kinds of online harassment, including stalking, doxing (exposing someone’s personal information, such as their address), harassment, and fraping (hacking someone’s social media and making fake posts).

Sniffing: Hackers can steal a person’s data by “sniffing” that person’s internet traffic with special tools if they are connected to an unsecured, unencrypted public Wi-Fi network, unless they have a VPN.

Cryptojacking: Hackers mine cryptocurrency by breaking into a person’s device without that person’s knowledge or consent.

Cyberextortion: This can refer to blackmailing victims by using their personal information, or to using ransomware, where hackers infect a person’s computer with malware that encrypts all their files until the victim pays a ransom to unlock them.

What is cyber extortion?

It is a category of cybercrime in which data is held hostage by hackers in order to extort money. These hackers may threaten to release a person’s personal data to the public if their demands are not met. Cyber extortion is prevalent in the form of ransomware, Distributed Denial of Service attacks, and email ransom campaigns.

Common Types of Cyber Extortion

Ransomware: Victims of ransomware are very commonly met with a demand to pay the cybercriminals a ransom of around $200 to $1,000.

The cybercriminal tricks the victim into clicking a link or a pop-up ad, opening a corrupted file that was sent through an email, or visiting a website. These actions activate the ransomware, which then spreads and infects the victim’s computers or, in the case of a company, its entire network. The ransomware encrypts the servers and data and makes them inaccessible to the victim. To regain access, the victim has to give in to the demands of the cybercriminals.

Ransomware attacks have been the leading type of cyber extortion since August 2015, according to the Center for Internet Security.

Distributed Denial of Service (DDoS): In these attacks, a website, server, or system is crippled by a flood of internet traffic sent its way by a network of infected computer systems. The attackers stop once they are paid by the victim. Sometimes, however, attackers first send a warning of the DDoS attack and then demand payment from the victim in exchange for not continuing the attack.

Email-Based Cyber Extortion: Cyber extortion also occurs through email-based ransom demands. The victims are informed that their personal information will be exposed if they do not pay a ransom within a deadline. Payments vary between $250 and $1,200.

Bitcoin is the most common form of ransom demanded in all forms of cyber extortion, as it is widely believed to be an untraceable method of payment.

Effects of Cyber Extortion

Some of the outcomes of cyber extortion include data breaches, damage to a company’s reputation, loss of customers, business interruption, and financial losses. In data breaches, attackers may threaten to expose data that they have stolen from the company unless the company pays up. If the company does not or cannot meet the demand, it risks losing all of its confidential corporate data. If the breach involves sensitive customer data, the company may be held liable in court and incur heavy punishment from regulatory bodies that implement cyber extortion laws. The customers who have had their data breached would most likely lose trust in that company and move on to its competitors.

Examples of Cyber Extortion

In 2014, Feedly, a news aggregator application for various web browsers and mobile devices, was hit with a Distributed Denial of Service (DDoS) attack that prevented users from accessing Feedly’s service. Feedly refused to give in to the demands. Instead, the company worked with the authorities, other victims, and the content network provider that it works with, and very quickly restored its service.

In 2014, the hacker group Rex Mundi targeted Domino’s Pizza. Rex Mundi claimed it had stolen customer records from Domino’s website and that it would release the records if Domino’s did not pay a ransom of €30,000. Domino’s declined to pay the ransom. It informed its customers of the breach and noted that the stolen data didn’t contain any of their financial information, only their contact details, delivery instructions and passwords. Rex Mundi never followed through with the threats.

In 2015, a group of hackers called the Impact Team hacked the controversial dating website Ashley Madison. The group did not ask for money; instead, they threatened to release the users’ information publicly if the parent company, Avid Life Media (ALM), did not shut down all its dating sites (Ashley Madison and another one called Established Men). The hackers claimed that ALM did not remove the personal information of some customers despite them having paid extra to have that information removed. ALM did not give in to the hackers’ demands, and subsequently the Impact Team leaked the Ashley Madison customer data.

In 2017, the Bad Rabbit ransomware affected several Russian websites. It also affected an airport and an underground railway in Ukraine. Bad Rabbit encrypts the contents of every infected computer and demands $280 for each.

In 2017, hackers threatened to release episodes of Netflix’s “Orange is the New Black” unless they received $50,000 in ransom. However, after they received the amount, they released the episodes regardless. A similar case happened in the same year with HBO, where a cyber extortionist threatened to release episodes of “Game of Thrones” if HBO did not pay $5.5 million in bitcoin.

Difficulties in Prosecuting Cybercriminals

Cybercrime has been increasing over the years, primarily because of how difficult it is to prosecute. Like every other kind of crime, cybercrime is constantly evolving. This creates a lot of jurisdictional issues.

By their very nature, laws have to be very clearly defined in order to prove that they were violated in a given case. It takes a great deal of time, debate, and discussion to pass laws, and because of this handicap, laws generally lag far behind the technology that cybercriminals use to achieve their aims. It is difficult to create laws to protect individuals or businesses against a crime when it is difficult even to define the crime or the means by which it was perpetrated.

Even when the required laws are created, they also need to be assigned a governing agency that enforces them. This creates another problem, as cybercrimes can be and are committed against almost anyone, anywhere in the world, by literally anyone, anywhere in the world. This makes it difficult to track down the perpetrators, and even if they are found, it is difficult to determine who will be responsible for prosecuting the crime, even if it is determined to be a crime.

How to Prevent Cyber Extortion

As long as cybercriminals find cyber extortion lucrative, it will remain a constant threat. These cybercriminals are constantly looking for new vulnerabilities to exploit and new ways to threaten victims who are willing and able to pay. How does a person or a business avoid becoming a victim?

  • One of the fastest ways is to install antivirus software. Use the antivirus software to maintain a firewall, and ensure that all system software and devices are updated.
  • Companies should implement and test contingency and disaster recovery plans to ensure that they can recover from a cyberattack.
  • Encrypt sensitive data and develop several strategies for backing up. Test and implement the recovery process to avoid downtime in case of ransomware or any other attack.
  • Since cyber extortion mostly starts through email tactics or social engineering, companies should prioritize raising cyber security awareness. Employees should be trained to identify suspicious emails, links, pop-up ads, and websites. They should also be trained not to post sensitive information online and to implement other steps that reduce the likelihood of cyber extortion. Employees should also be encouraged to take cyber security courses outside of the company so that they can be more vigilant.
  • IT professionals can help to prevent the threat of ransomware. They can ensure systems are using antivirus protection and that all patching for all the software is up to date. This could prevent infections by most of the malicious software.
  • Companies and individuals can also protect their cyber security by purchasing a cyber insurance policy that would cover cyber extortion.

Private individuals and companies of all sizes can be, and are, targets of cyber extortion. Companies and individuals can make it difficult for cybercriminals to extort them by protecting their businesses and their sensitive data with robust cyber security measures and by having cyber insurance as a safety net.


Anjali Vivek