Extortionware is the latest criminal business model for modern-day hackers

By Malavika Pradeep

Published Mar 31, 2021 at 11:26 AM

Reading time: 4 minutes

16381

The COVID-19 pandemic has driven most organisations either online or out of business. As companies forcefully embraced a digital workforce, they were tasked with securing their remote workload and data from a variety of online threats. Unfortunately, this was uncharted territory for many, which led to the creation of a breeding ground for cybercriminals. Presently, as cyberattacks stand at an all-time high, modern-day hackers seem to be employing a new business model to amplify the success of their attacks and ransoms: extortionware.

What is extortionware?

We’re all familiar with the term ‘ransomware’ at this point. Credited as one of the most common types of cyberattacks, cybercrime usually pans out with an infected email. When its attachments are opened by recipients, all the files housed on the computer and network become compromised and encrypted. The hacker then offers to de-encrypt the files at a price.

Ransomware was 2020’s weapon of choice until hackers realised the potential of extortionware. Even more difficult to predict and protect against, extortionware attacks usually target high-profile companies and personnel. Cybercrime is more about the retrieval of data than its destruction or encryption. Once hackers gain access to your system and extract sensitive information, demands are made, usually for money, followed by a threat. For example, criminals may send your company’s intellectual property to competitors or distribute embarrassing data online unless they’re paid.

The major concern with this sort of attack is that even regular backups won’t help you stay protected. Once hackers get their virtual hands on your porn stash, there is nothing you can do about it. Even if you pay the pressurised ransom, the move won’t guarantee the restoration of your data, not to mention your reputation.

An evolving criminal business model

Ransomware, coupled with extortionware, makes a sturdy criminal business model. The BBC noted the immense potential of this rising trend for “affecting companies not just operationally but through reputation damage.” This statement was made following up a group of hackers who posted a screen grab of an IT director’s secret porn stash.

In a blog post on the dark web, the cyber-criminal gang named the director whose work computer allegedly contained the files. The screen grab posted to the blog featured dozens of folders catalogued under the name of various porn stars and websites. “Thank God for (name of IT director),” the caption read, “While he was masturbating we downloaded several hundred gigabytes of private information about his company’s customers. God bless his hairy palms, Amen!”

However, the post has been deleted in the last couple of weeks—proof, which experts imply that “the extortion attempt worked and the hackers have been paid to restore the data and not publish any more details.”

“Extortionware is the new norm,” stated Brett Callow, a threat analyst at cyber-security company Emsisoft. In an interview with the BBC, he labelled these incidents as “no longer simply cyber-attacks about data” but “full-blown extortion attempts.” “Hackers are now actually searching the data for information that can be weaponised. If they find anything that is incriminating or embarrassing, they’ll use it to leverage a larger pay-out.”

The analyst has been following ransomware tactics for years and admitted to witnessing this shift in methods in late 2019. “It used to be the case that the data was just encrypted to disrupt a company, but then we started seeing it downloaded by the hackers themselves. It meant they could charge victims even more because the threat of selling the data on to others was strong.”

Just yesterday, Representative Matt Gaetz, Republican of Florida and a close ally of former President Donald J. Trump, came under federal investigation over alleged claims of sex trafficking and potentially having a sexual relationship with a 17-year-old. “What is happening is an extortion of me and my family involving a former Department of Justice official,” Gaetz said in an interview with Fox News. “On 16 March, my father got a text message demanding a meeting wherein a person demanded $25 million in exchange for making horrible sex trafficking allegations against me go away.”

The former congressman seeked help against the blackmailing from the local FBI and the Department of Justice (DOJ) who asked Gaetz’s dad to wear a wire to record further extortion phone calls. “Tonight I am demanding that the DOJ and FBI release the audio recordings that were made under their supervision which will prove my innocence and that will show that these allegations aren’t true—they’re merely intended to bleed my family out of money,” Gaetz added.

Protection is better than reaction

The Maze ransomware group became the most notorious cybercriminal group for using extortionware methods in 2020. If companies refused to pay Maze’s ransom fees, these hackers exposed their data online through continuous data leaks that made it next to impossible to know when they would stop.

Given how lucrative extortionware is for hackers and the fact that ‘work from home’ is set to become the new norm, the cyber attack genre will continue to grow as a favoured practice post-pandemic. However, there are steps that organisations can take to ensure their data is sealed air-tight against such malicious threats.

According to Security Magazine, end-user data, NAS systems, file shares, virtual machines and SaaS applications including Microsoft 365 are particularly vulnerable to extortionware attacks. To ensure cyber resilience and protect these large sets of data, organisations are recommended to implement a “holistic security strategy that incorporates both protection and recovery.” This includes the deployment of protective measures while empowering resilience to minimise downtime when an extortionware attack happens.

“A strong data management approach, coupled with a robust protection architecture that includes reliable backup and disaster recovery helps ensure these applications remain protected and easily recovered,” experts at Security Magazine advise. This involves increasing your network perimeter security with a firewall as well as installing anti-malware software both on personal and work computers along with regular data backups. Organisations are also recommended to test their data recovery and backup solutions frequently to ensure optimal success against such cyber attacks.

As workload goes digital, almost every organisation is vulnerable to 2021’s extortionware storm. The fact that a whopping $20 billion was paid as ransom by various organisations in 2020 (almost double its $11.5 billion estimate from 2019) further pleads the case for them to prioritise data protection and recovery strategies. As we head into a digital-first age, these practices also have the potential to become the bare minimum operating policies customers will look for themselves in any company, no matter its size or industry.

Keep On Reading

By Abby Amoakuh

Jacob Elordi divides the internet with new beard and long hair, setting off different theories

By Charlie Sawyer

Who is Dee Devlin, the fiancée of Conor McGregor who just insulted victims of SA everywhere?

By Abby Amoakuh

From rodent boyfriends to frog princes: Gen Z are not done with categorising men as animals

By Charlie Sawyer

Why are Gen Zers hijacking the candy salad TikTok trend to trauma dump?

By Abby Amoakuh

Khloe Kardashian spreads conspiracy theory that Kris Jenner’s boyfriend Corey Gamble is an alien

By Abby Amoakuh

British Bond actress reveals director’s attempt to force unscripted sex scene

By Fatou Ferraro Mboup

Ariana Grande under fire from victim’s families for confessing that her dream dinner guest would be Jeffrey Dahmer

By Fatou Ferraro Mboup

Children as young as 14 participate in feral cat-killing competition, leaving over 300 animals dead

By Fatou Ferraro Mboup

Rosanna Pansino shocks fans after smoking her dead dad’s ashes in new podcast episode

By Charlie Sawyer

Misogyny to be labelled as extremism in the UK as Labour ramp up national security review

By Fatou Ferraro Mboup

Fashionably late to the satirical bash, conservatives finally get the message behind The Boys

By Charlie Sawyer

Taxing the rich and a 4-day work week: Why the Green Party’s manifesto is trending on TikTok

By Fatou Ferraro Mboup

Spanish footballers turn to sexual consent contracts amid rising rape and assault allegations

By Charlie Sawyer

The Apprentice star Sebastian Stan warns Trump’s criticism may spark new wave of violence

By Fatou Ferraro Mboup

Grace Jabbari drops assault lawsuit against Jonathan Majors, but unanswered questions remain

By Charlie Sawyer

4 important reasons why Blake Lively being controversial shouldn’t surprise anyone

By Charlie Sawyer

Why North West’s Lion King performance has made me team nepo baby

By Abby Amoakuh

It Ends With Us author Colleen Hoover’s long history of controversies and problematic behaviour

By Fatou Ferraro Mboup

Biden remains in US presidential race despite NATO blunders and growing Democrat pressure

By Fleurine Tideman

Love Is Blind: UK’s Ryan Williams spills the tea: is the Netflix reality TV show genuine or scripted?