What companies should know about cyber extortion



When cyber criminals hijack your data or website and demand a ransom, you become a victim of cyber extortion. Attacks and payments are on the rise, with some companies paying nearly $ 800,000 to regain access to their resources. We explain how cyber extortion works and what you can do to prevent it.

What is Cyber ​​Blackmail?

Cyber ​​extortion occurs when a malicious actor hijacks your information or website and demands payment to return the information or website to you. Cyber ​​criminals can hijack your website in a number of ways, such as by compromising your data and threatening to release it on the dark web, or by launching a denial-of-service attack that prevents customers from accessing your website.

Ransomware attacks are increasing, as are their costs. The average ransom payment in the third quarter of 2019 was $ 41,198. That number more than doubled in the fourth quarter, rising to $ 84,116. The total cost of recovery can be even higher. Some victims pay more than $ 780,000 to regain access to their data and resources. In 2021, the average total cost of restoration increased to $ 1.85 million. While the size of the ransom may vary based on the size of your business, most businesses today are at risk and need to prepare for ransomware attacks.

When cyber extortion occurs, a company may not be able to operate until it has faced the threat. And that can mean paying criminals big bucks to regain control.

Did you know already? Every company that has an Internet presence is exposed to cyber extortion. Research from Red Canary shows that 70% of businesses face more than 100 cybersecurity threats on a daily basis. Are you in danger Perform a cybersecurity risk assessment to see how protected your business is.

How does cyber extortion work?

Cyber ​​extortion and ransomware start when the hijacker gets access to your systems. They look for weak points in your security or hack passwords to gain access. Phishing schemes are one of the most common ways hackers gain access. Once in the system, they often inject some type of malware known as ransomware or cause a distributed denial of service (DDoS) attack. Ultimately, the business owner, their employees and their customers do not have access to normal systems.

Once the hijacker is in control of the systems, it makes its claims including the ransom amount required to restore the system and allow the company to restore its function.

What are common types of cyber extortion?

There are many ways that hijackers can infiltrate your business systems and demand payment from you, including the following.


Ransomware is a type of malware, malicious code or software that is injected into the system in order to compromise it. The areas at risk can include data confidentiality, system operations, or operating system function. Malicious software is often not recognized immediately and works for some time before someone notices that it is not working.

Ransomware also creates encryption keys that are required to regain access to the data or systems. The hijacker keeps the encryption keys until the ransom is paid.

Distributed denial of service attacks

A DDoS attack sends a plethora of traffic and requests to a website until the website becomes overloaded and unavailable. The cyber criminals infect a network of computers in order to send requests to the target site. This type of attack is often carried out in coordination with other cyber attacks.


In a phishing attack, hackers pretend to be a trustworthy e-mail sender in order to obtain access information. If the recipient is fooled and follows links requesting passwords and other private information, the hackers can see that information. Phishing is widespread among cyber criminals and companies should train their employees to avoid being a victim of phishing systems.

Company account transfer (CATO)

CATO occurs when a hijacker impersonates the company’s website or email and requests wire transfers or ACH transactions. Funds are sent to a legitimate account that is actually controlled by the hijacker. Organizations with minimal control over online banking systems are particularly vulnerable to this type of attack.

For your informationFor your information: Distributed Denial-of-Service (DDoS) attacks, phishing, and taking over corporate accounts are common forms of cyber extortion.

Who is Vulnerable to Cyber ​​Blackmail?

Any business with digital operations or digital storage is vulnerable to cybercrime, including cyber extortion. Because malware is easy to install, cyber criminals don’t even have to work hard to attack small operations.

According to a Red Canary survey, 92% of security executives said they are not entirely sure whether their organization can identify and stop the source of an attack. Almost 50% of organizations said they did not have the resources to stop an attack within an hour of the first data breach. This data suggests that organizations are not just targets – they are grossly incapable of dealing with these cyber violations.

Here are some common destinations:

  • E-commerce company: Businesses that rely on websites to market and generate sales are very susceptible to ransomware.
  • Doctors’ offices: A doctor’s office with digitally stored files is a target for data compromise and theft.
  • Financial advisor: Those who use online customer relationship management software, including customer portals, are often the primary targets.

Any company that relies on centralized digital processes, digital tools, or online customer relationship management systems is vulnerable to hijackers.

What are some examples of cyber extortion?

There are many public examples of cyber extortion from the past few years.

  • Ashley Madison: In 2015, hackers issued an ultimatum to the website owners to either shut down their dating site or to take their users’ data into the public domain. When the company refused to give in, customers’ private information was released.
  • Orange is the new black: The popular television show paid $ 50,000 in 2017 to prevent its episodes from being prematurely released. Even though it was paid for, the aftermath has leaked.
  • Colonial pipeline: In 2021, Oil transportation was halted until the company paid a ransom of $ 4.4 million in bitcoin. Some of these funds were found in what is believed to be a Russian hacker organization system.
  • Coordinated attack on up to 1,500 companies: A coordinated strike in 2021 called for a $ 70 million ransom to restore all businesses at once.

What are the effects of cyber extortion?

Cyber ​​extortion has a huge impact on businesses and, in some cases, the general public. The hacking attack on the Colonial Pipeline raised concerns about possible fuel shortages throughout the southern and eastern United States. Gas prices rose as the industry tried to meet demand. Colonial Pipeline paid the ransom in part because it couldn’t estimate how long it would take to identify and repair its systems.

For a small business, the effects of cyber extortion are significant. Kaspersky estimates that the average cost of a data breach to a small business could exceed $ 100,000. If this data breach involves a ransom, you could pay an additional $ 1,500 to $ 50,000 in ransom. Add to this the cost of having your system down while your system is down and the public perception that your business cannot be trusted. Customers can choose to move their business elsewhere.

All in all, corporate insurer Hiscox estimates the total cost of a cyberattack to small businesses at nearly $ 200,000. This is money that most small business owners just don’t have. If a small business can’t afford the cyberattack, it can shut its doors permanently.

How to Prevent Cyber ​​Blackmail

With any small business at risk, owners should do everything possible to prevent a data breach. A small business can take a few simple steps to prevent cyber extortion:

  • Maintain the health of the systems. Make sure you have an effective firewall and update your operating systems and software regularly. Also, use an up-to-date virus protection program.
  • Secure, secure and secure even more. They may seem redundant, but regularly scheduled backups will help you get up and running faster after a cyber attack. Without backups, you are at the mercy of the hackers.
  • Train your employees. Help your employees understand risky safety behavior. This includes teaching them to spot (and not click on) phishing scams, responding only to those who need information rather than responding to everyone, and avoiding using public systems unless they can use a secure mobility system . [Read related article: How to Build a Culture of Cyberdefenders at Your Business]
  • Use the intelligent internet protocol. Avoid clicking pop-up ads on the internet while you work. These can contain malware that is slowly gaining access to your system.

How cyber liability insurance can help

One way to protect your small business is by purchasing cyber liability insurance – not to be confused with general liability insurance. This type of insurance covers the costs associated with restoring your system from a cyber attack. Coverage includes mitigation services to try to get back to work with backup and restore operations as quickly as possible. It will also negotiate with the cyber attackers and pay ransom up to the policy limits.

For your informationFor your information: Find out more about the best cyber liability insurance providers in our CNA and AIG reviews.

While you can’t prevent every hack, cyber liability insurance will minimize the impact of hacks on your bottom line.



About Author

Comments are closed.