Cyber extortion has evolved into a complex and sophisticated form of cybercrime. Unlike traditional ransomware, which is typically computer-generated, broad, and indiscriminate in approach, cyber extortionists usually target specific companies for valuable data and hold them for ransom by threatening to release it into the public domain.
Doros Hadjizenonos, regional director at cybersecurity specialists Fortinet, says relying on firewalls and endpoint protection alone is not enough to mitigate the threat.
“We’re witnessing a hybrid of traditional ransomware and cyber extortion where the attackers encrypt and exfiltrate data, along with a threat to release it. Whether it’s ransomware, cyber extortion, or a hybrid of the two, similar tactics are usually involved in gaining access to sensitive data by exploiting vulnerabilities in systems or people,” he explains.
Artificial intelligence (AI) is adding another layer of complexity to cyber threats, too. “AI makes generating code much more accessible to criminals with little programming language experience. The same is true for AI-generated phishing emails, which can be well-worded and sound legitimate.” However, the real danger develops when malware incorporates AI technology. Luckily, AI is also being used extensively by cybersecurity specialists to detect unusual patterns and behaviours within a network, notes Hadjizenonos.
Preparing for the worst
The consequences of a successful cyber extortion attack can be crippling for organisations, both financially and reputationally. While financial institutions and major retailers remain prime targets, smaller businesses contracted to larger companies and those with network connections also present significant risks.
“When protecting the organisation, businesses must consider any connections to third parties,” Hadjizenonos advises. “It’s crucial not to overlook the importance of cyber insurance and an effective incident response plan.” Companies should also rigorously test their incident response plans in real-world scenarios.
Additionally, organisations must understand the risks, prevention strategies, and potential aftermath of a cyber extortion attack. “Will you be prepared to pay the ransom? It’s worth considering that, sometimes, even when companies pay the ransom, they don’t receive the encryption key or get their data back. There are some serious decisions to be made in the event of cyber extortion, particularly if there is extremely sensitive data at stake,” adds Hadjizenonos.
The human vulnerability element
While having the right technology in place is a critical part of cybersecurity, human error remains a significant area of vulnerability. Cyber extortionists use clever social engineering tactics, including tracking employees’ social media to make the right inroads into an organisation, says Hadjizenonos.
“Everyone is vulnerable to this. All it takes is for one email, crafted at exactly the right time to elicit the right emotion, for an employee to click on a link if a cyber extortionist has enough information to work with. This is why employee training and awareness is so vital.”
A multi-layered approach to cyber extortion
What can organisations do to prevent cyber extortion? It comes down to having a solid cybersecurity plan with multiple layers of protection, says Hadjizenonos.
“You need a comprehensive approach because data is everywhere: in the cloud, on laptops, and with third-party vendors. A unified cybersecurity fabric or platform will have multiple technologies feeding into one another, covering multiple attack vectors.
“Having an array of complementary solutions is the best form of defence as it can often cover the entire attack surface. Fortinet’s Security Fabric approach integrates various solutions to offer complete protection across the network.”
While there is no silver bullet, there are proven ways to prevent a successful attack. “Efficient cybersecurity defences, including effective measures to mitigate the risk of cyber extortion, are a critical step towards ensuring data protection from increasingly complex threats,” Hadjizenonos concludes.