Extortionware - A New Trend Rising

  • 20th May 2021
  • Michelle Pace
  • Cyber Crime
Extortionware - A New Trend Rising

Extortionware - A New Trend Rising

Cybercriminals are cashing in on an emerging trend known as extortionware which is another example of the many types of cyber attack and, experts agree, is just about one of the worst.

According to a report by the BBC, hackers are now accessing extremely sensitive data, such as pornographic collections, in order to embarrass the victim into paying blackmail money. An anonymous IT director in the US has been targeted in this very way and the group responsible placed a post on the dark web confirming his name and that his work computer contained these secret files.

The dark web post also contained screenshots of the aforementioned files, containing porn star’s names and various websites. 

The BBC reports that the cybercriminal group posted: 

"Thanks (sic) God for [named IT Director]. While he was [masturbating] we downloaded several hundred gigabytes of private information about his company's customers. God bless his hairy palms, Amen!"

This post that was placed onto the Dark Web has since been removed which suggests that any ransom demands may have been met.

Both ransomware attacks and extortionware have seen incidences surge over the previous few years as methods become more sophisticated and better coordinated. Cybercriminal groups are now targeting large companies rather than solely aiming to hack individuals’ devices, as was the popularity over a decade ago. In this digital era, reputation damage can be as detrimental to a company as a data breach, if not worse.

Hackers are now concentrating on finding private information that will maximise embarrassment or incriminate people and businesses in the most public way if the ransom isn’t paid. Whereas data was once the target, now anything that can be weaponised will be used, lending leverage and increasing the likelihood of the ransom being fulfilled by the victim(s).

Extortion is a lucrative business for these cybercriminals. Serbus estimates that such ransom attacks in the UK cost businesses £365 million in 2020, with the UK being the second most attacked country across the globe. With the popularity of digital currency increasing and providing a high level of anonymity, hackers are requesting that victim’s ransom demand payments are fulfilled using this method.

This type of cyber attack can be difficult to prevent and its prevalence has grown over the past year, partly due to remote working throughout the Covid-19 lockdowns. Just as large scale businesses are primarily targeted, individuals can still fall victim to this type of cybercrime. If cybercriminals discover something to use against the victim, they will threaten (blackmail) the victim into handing over a sum of money. If this is not completed within a specified time frame, the hackers will release any compromising information to the victim’s employer, colleagues, or friends and family. Even if the information that the hackers’ release is false, this can do untold damage to an individual’s business or career, home life and outer personal circle.

For the best chance of preventing this type of cybercrime, there are measures you can take.

  • Install optimal anti-virus software on your devices, such as McAfee Total Protection. You can get a great discount on this with your free Notty Account.
  • Ensure any updates are installed; they frequently contain security patches.
  • Keep a separate backup of any data online
  • Never click on suspicious links - these can download malware onto your devices
  • Invest in cyber-insurance - this can help minimize the damage and may help pay any ransom demands if there are no other options. Notty offers a CyberCare package that covers all bases.
  • Use multifactor authentication. If a password is stolen or inadvertently given via a phishing scam, this will add an extra layer of security it more difficult for hackers to enter your network