Protecting Your Organization from Cyber Extortion
Oct 16, 2019
Cyber extortion has become a growing cyber threat affecting both small and medium-sized businesses in recent years. Cyber extortion is the act of a hacker demanding money through the use or threat of malicious activity against an organization’s systems and environment. Frequently, a hacker will use ransomware, delivered through hidden links in emails and webpages, to infiltrate an organization and gain access to internal systems in order to demand financial payment.
One recent cyber extortion campaign came from the hacking collective Dark Overlord, which is known for attacking schools and medical centers through extortion-based scams. Kicking off 2019, they had allegedly obtained incriminating files of the insurers and wealth management firms of clients involved in the 9/11 attacks and requested payment in bitcoin to withhold their information from the public. According to The Daily Swig, “the FBI believes that Dark Overlord was responsible for an approximate 69 cyber break-ins and the sale of over 100 million records of personally identifiable information.” With cyber extortion ramping up, what can you do to protect your company from an attack? There are a few methods you can use and Secuvant is here to help. Let’s take a look at the different types of cyber extortion and how you can protect your organization.
Types of Cyber Extortion
There are four types of cyber extortion. The main takeaway is that they all begin with a hacker gaining access to a company’s systems by finding weak points where they can infiltrate. These attacks can come from email, infected websites, or ad networks. That means that the hacker can target a large group of people, and a small percentage of victims will end up paying the attackers. No matter which method reaches your organization, each of these threats is very real and has negative effects on a company.
Just like traditional blackmail, this type of extortion involves criminals discovering valuable information, or in this case data. It occurs when cybercriminals breach corporate networks and exfiltrate valuable data. In 2017, cybercriminals infiltrated HBO’s database and threatened to post unaired episodes of Game of Thrones if the network didn’t pay them $5.5 million in bitcoin.
DoS and DDoS Attacks
Another type of extortion is an attacker conducting denial-of-service (DoS) and DDoS attacks, then soliciting payment to stop the attacks. On the flip side, an attacker could threaten these attacks and then request payment not to follow through.
In a ransomware attack, an attacker infects the victim’s devices with malware that prevents users from accessing the data stored on them, or the devices altogether. To remove the malware, the victim is expected to pay the hacker a ransom. The malware can be downloaded by opening an infected email attachment or a pop-up ad on a compromised website.
Database Ransom Attacks
Lastly, a database ransom attack occurs when hackers identify and hijack databases running Elasticsearch, Hadoop, MongoDB, MySQL, and other systems whose default administrative passwords have not been reset or that have not been fully patched. Attackers replace the contents of a breached server with a ransom note that requests a specific payment in bitcoin to restore the data.
While these tactics sound threatening, understanding them is the first step to successfully protecting your organization. So, how can you prevent these types of cyber extortion attacks?
Preventing Cyber Extortion With Cyber Security Best Practices
How do you protect your organization from cyber extortion in an age where hackers are more creative in breaching systems? Here is a list of different actions and cyber security best practices you can take to protect your information.
- Create and utilize a data and file backup strategy
- Ensure high availability by having network redundancy (ISP connections, regional data centers, etc.)
- Conduct security awareness training with a heavy focus on phishing, spear phishing, and how hackers compromise businesses through email
- Perform background checks, limit privileges, and separate duties
- Implement appropriate technical controls such as NG Firewalls, IPS/IDS, AV, and EDR
- Patch vulnerabilities sooner rather than later
- Have measures in place to detect and protect against DDoS attacks
- Ensure your business has cyber security insurance and adequate coverage
- Utilize a password manager and follow NIST best practices for strong passwords
- Incorporate data breach prevention tools and intrusion detection into your cyber security program
In addition, you can begin by securing your email and implementing best practices to mitigate email security risks. These are relatively simple fixes you can put in place immediately. However, for the more difficult protections, Secuvant is here to help.
How Secuvant Can Help Prevent Cyber Extortion
Secuvant offers organizations a number of solutions to analyze and detect vulnerabilities in their environment, along with recommendations and tools to enhance their cybersecurity and to detect and prevent attacks. Our five-step approach to assessing cyber risk in your organization begins with a gap and risk assessment, which takes a look at the technology and internal processes you have in place and how they align with the top seven cyber risks we have mapped out. Protecting from cyber extortion scams, ransomware, and phishing includes having the right cyber security practices in place, as well as the right tools. Our managed detection and response service discovers, prevents, detects, and responds to threats 24/7, which protects you from hackers and their attacks. However, don’t forget about having a good incident response plan in place in the event a breach does occur. You can never be too prepared in this day and age.
If you’re ready to safeguard your environment and protect your organization’s data and information through cybersecurity, reach out to us at firstname.lastname@example.org or 855-732-8826 to learn more about our service offerings. Our team of experts is trained in handling all types of cyber extortion and is here to help you prevent and resolve any attacks.