Ransomware is one of the fastest-growing areas of cybercrime. Cyberextortion, ransomware and hacking hostage have become the easy moneymaking trend among hackers. They use malwares to lock and/or encrypt your data, and if you want it back, you have to pay up. It initially targeted PCs and is now evolving to mobile platforms.
Cyberextortion can take form in many schemes. Denial-of-Service (DoS) is when hackers create so much traffic on an organization’s website or online businesses that users are denied access. They would then demand money to stop the DoS.
One of the most common ‘Data Held Hostage’ schemes, is when cyberextortionist encrypt the victim’s data, preventing it’s use or access and demands a ransom in exchange for the decryption key.
Hackers may also steal intellectual property and threaten to sell it to competitors or alter DNS settings to redirect the corporate website and hold it hostage unless the victim pays to get it back.
Another form of Cyberextortion is to find weaknesses in corporate networks and threaten to notify the press, competitors or users unless compensation is paid.
A commissioned blind survey of 250 security professionals within U.S. mid-market enterprises by ThreatTrack Security, shows that 30% of the security professionals who responded said they would negotiate with the extortionists. And that percentage rose to 55% among organizations that have already fallen victim to cyberextortionists.
While large companies may be perceived as the number 1 targets for cyberextortion, small and mid-size enterprises are becoming more vulnerable. Hackers know that businesses simply can’t afford the loss of revenues if their site goes down and stays down for a period of time.
How would you deal with Cyberextortion? Pay it or fight it?
Proactive Risk Management is a leading multinational provider of risk management and security services. By taking a global and integrated approach to risk management and by recruiting the security industry’s top talent, PARM has been able to provide an unmatched level of service based on four interconnected pillars: business intelligence, incident management, loss prevention & security services, and technology / tradecraft innovations. Click here to learn more.