By now, many enterprise decision-makers are familiar with the concept of digital extortion, particularly in the form of ransomware. These encryption-based attacks lock users out of their sensitive and valuable data, applications and operating systems. Attackers demand a ransom in the form of untraceable digital currency for the decryption key – which may or may not actually be delivered upon payment.
Ransomware attacks have been impacting organizations for a few years now. However, this isn’t the only form of digital extortion in use today. As with other attack styles, hackers are becoming increasingly advanced in their preparations and malicious software capabilities.
As digital extortion attacks continue to increase, it’s imperative that IT leaders and executives ensure they are aware of these kinds of threats and the impacts they can have on overall company reputation as well as relationships with partners and customers.
Digital extortion explained: Generating profits for cybercriminals
A main reason behind the rise of digital extortion – and predictions on the part of security experts that these instances will only expand in the near future – is the fact that these attacks can be incredibly lucrative for hackers.
Ransomware and the other digital extortion attack styles we’ll delve into later on all have a common denominator: high profit potential for cybercriminals. When enterprises and individual users are prevented from accessing their most important files and data – and particularly when these key assets are not backed up in a second location – victims are forced into paying attackers to lift the encryption and regain access.
Unfortunately, past ransomware attacks have demonstrated that paying a hacker doesn’t mean the attack will end. In some instances, including during the widespread WannaCry attacks, victims paid ransoms but never received a decryption key – or even a response – from cybercriminals. In other instances, once the ransom is paid, hackers will demand a second, higher ransom with the promise that access will be restored.
Due to these and other reasons, digital extortion has become a particularly dangerous and damaging threat to enterprises.
“Digital extortion is one of the most lucrative ways cybercriminals can profit in today’s threat landscape,” Trend Micro security researchers pointed out. “Many have fallen victim to this particular scheme and been bilked out of their money – from ordinary users to big enterprises.”
Digital extortion of the past: DoS paves the way
Although current awareness of digital extortion attacks is most closely tied to ransomware infections, this style of profit-making has also been used in combination with another familiar approach – denial-of-service attacks. As Trend Micro’s Digital Extortion: A Forward-Looking View report notes, this style of extortion has been utilized by cybercriminals for over a decade, and hackers can be very insensitive in their approach.
“Good morning … we hope you’ve been enjoying the 100+ Gbps DDoS. To make it stop, please pay 30 bitcoins to the following wallet…” an example in the report stated.
As with ransomware attacks, the key here is to prevent access and coerce victims into payment. Bombarding key systems – typically consumer- or client-facing platforms – with high traffic volumes makes them inaccessible.
While not a top favorite any longer, some hackers still leverage DoS in conjunction with extortion in order to encourage payment on the part of victims. After all, a brand’s website that is inaccessible for even a few hours can translate to significant lost opportunities to connect with potential customers and foster business for today’s enterprises.
Ransom notes like this are often sent to businesses and consumers alike when hackers access their data.
Impacts to business reputation: Fake online reviews
In the current age, online reviews mean a lot to consumers and the buying decisions they make. In fact, Inc. Magazine reported that not only do 91 percent of individuals read online reviews, but 84 percent trust them as much as a personal recommendation from a friend.
This is no secret to hackers, who have used this knowledge to demand payment from businesses that rely on online reviews.
“Did you notice how all the hotels in your chain are lately getting very many negative reviews? If you want this problem to go away, follow the instructions…” noted an example in Trend Micro’s digital extortion report.
Often, hackers will work to be very timely in these types of extortion, targeting a company with an upcoming product release or other launch. In these instances, more consumers are looking for reviews and information, and cybercriminals work to negatively impact public perception. In some situations, like the example above, attackers will offer to stop the review spamming in exchange for payment, or may even go further and offer to retract negative reviews once the ransom is paid.
Supply chain disruptions: Machine hijacking
As the Digital Extortion: A Forward-Looking View report shows, some types of extortion go beyond the digital realm and impact operations in the physical world. Such is the case with equipment or machine hijacking, where cybercriminals hack into the software systems used to control and manage heavy machinery and/or manufacturing equipment.
In these events, hackers bring down supply chain operations, preventing production, manufacturing, shipping, distribution and other key processes, demanding payment in exchange for returned access to equipment. This can topple business activity for an organization, and have a considerable impact on its reputation and relationships with partners across the supply chain, as well as customers.
Uber extortion: A real-world case
Overall, extortion-style attacks can impact nearly anyone, including high ranking company officials, political figures, celebrities, individual users and beyond. Unfortunately, more often than not, even when payment to cybercriminals is made and a quasi-resolution reached, the damage to the victim or organization is already done.
Uber learned this the hard way in 2016, when it was discovered that hackers breached the company’s systems and made off with a considerable amount of personal data belonging to 57 million app users. Although the ride-sharing platform paid off cybercriminals to the tune of $100,000 to keep the matter quiet and prevent further data leakage, a change in management within Uber shifted this decision about a year later.
Uber representatives disclosed the hack and subsequent extortion to the public, a disclosure that was generally met with negativity because the organization had waited so long to make customers aware of the potential danger surrounding their stolen data.
Mitigating extortion attacks
While attacks like this can impact any user or organization, there are a few best practices that can be leveraged to reduce the chances of these incidents. The first step, of course, is awareness of this attack style in the threat landscape – advance knowledge can help users strengthen protections proactively.
In addition, it’s imperative to properly safeguard sensitive personal and business information, including by using strong authentication credentials.
To find out more, check out Trend Micro’s Digital Extortion report today.