Extortionware is the latest criminal business model for modern-day hackers

By Malavika Pradeep

Published Mar 31, 2021 at 11:26 AM

Reading time: 4 minutes


The COVID-19 pandemic has driven most organisations either online or out of business. As companies forcefully embraced a digital workforce, they were tasked with securing their remote workload and data from a variety of online threats. Unfortunately, this was uncharted territory for many, which led to the creation of a breeding ground for cybercriminals. Presently, as cyberattacks stand at an all-time high, modern-day hackers seem to be employing a new business model to amplify the success of their attacks and ransoms: extortionware.

What is extortionware?

We’re all familiar with the term ‘ransomware’ at this point. Credited as one of the most common types of cyberattacks, cybercrime usually pans out with an infected email. When its attachments are opened by recipients, all the files housed on the computer and network become compromised and encrypted. The hacker then offers to de-encrypt the files at a price.

Ransomware was 2020’s weapon of choice until hackers realised the potential of extortionware. Even more difficult to predict and protect against, extortionware attacks usually target high-profile companies and personnel. Cybercrime is more about the retrieval of data than its destruction or encryption. Once hackers gain access to your system and extract sensitive information, demands are made, usually for money, followed by a threat. For example, criminals may send your company’s intellectual property to competitors or distribute embarrassing data online unless they’re paid.

The major concern with this sort of attack is that even regular backups won’t help you stay protected. Once hackers get their virtual hands on your porn stash, there is nothing you can do about it. Even if you pay the pressurised ransom, the move won’t guarantee the restoration of your data, not to mention your reputation.

An evolving criminal business model

Ransomware, coupled with extortionware, makes a sturdy criminal business model. The BBC noted the immense potential of this rising trend for “affecting companies not just operationally but through reputation damage.” This statement was made following up a group of hackers who posted a screen grab of an IT director’s secret porn stash.

In a blog post on the dark web, the cyber-criminal gang named the director whose work computer allegedly contained the files. The screen grab posted to the blog featured dozens of folders catalogued under the name of various porn stars and websites. “Thank God for (name of IT director),” the caption read, “While he was masturbating we downloaded several hundred gigabytes of private information about his company’s customers. God bless his hairy palms, Amen!”

However, the post has been deleted in the last couple of weeks—proof, which experts imply that “the extortion attempt worked and the hackers have been paid to restore the data and not publish any more details.”

“Extortionware is the new norm,” stated Brett Callow, a threat analyst at cyber-security company Emsisoft. In an interview with the BBC, he labelled these incidents as “no longer simply cyber-attacks about data” but “full-blown extortion attempts.” “Hackers are now actually searching the data for information that can be weaponised. If they find anything that is incriminating or embarrassing, they’ll use it to leverage a larger pay-out.”

The analyst has been following ransomware tactics for years and admitted to witnessing this shift in methods in late 2019. “It used to be the case that the data was just encrypted to disrupt a company, but then we started seeing it downloaded by the hackers themselves. It meant they could charge victims even more because the threat of selling the data on to others was strong.”

Just yesterday, Representative Matt Gaetz, Republican of Florida and a close ally of former President Donald J. Trump, came under federal investigation over alleged claims of sex trafficking and potentially having a sexual relationship with a 17-year-old. “What is happening is an extortion of me and my family involving a former Department of Justice official,” Gaetz said in an interview with Fox News. “On 16 March, my father got a text message demanding a meeting wherein a person demanded $25 million in exchange for making horrible sex trafficking allegations against me go away.”

The former congressman seeked help against the blackmailing from the local FBI and the Department of Justice (DOJ) who asked Gaetz’s dad to wear a wire to record further extortion phone calls. “Tonight I am demanding that the DOJ and FBI release the audio recordings that were made under their supervision which will prove my innocence and that will show that these allegations aren’t true—they’re merely intended to bleed my family out of money,” Gaetz added.

Protection is better than reaction

The Maze ransomware group became the most notorious cybercriminal group for using extortionware methods in 2020. If companies refused to pay Maze’s ransom fees, these hackers exposed their data online through continuous data leaks that made it next to impossible to know when they would stop.

Given how lucrative extortionware is for hackers and the fact that ‘work from home’ is set to become the new norm, the cyber attack genre will continue to grow as a favoured practice post-pandemic. However, there are steps that organisations can take to ensure their data is sealed air-tight against such malicious threats.

According to Security Magazine, end-user data, NAS systems, file shares, virtual machines and SaaS applications including Microsoft 365 are particularly vulnerable to extortionware attacks. To ensure cyber resilience and protect these large sets of data, organisations are recommended to implement a “holistic security strategy that incorporates both protection and recovery.” This includes the deployment of protective measures while empowering resilience to minimise downtime when an extortionware attack happens.

“A strong data management approach, coupled with a robust protection architecture that includes reliable backup and disaster recovery helps ensure these applications remain protected and easily recovered,” experts at Security Magazine advise. This involves increasing your network perimeter security with a firewall as well as installing anti-malware software both on personal and work computers along with regular data backups. Organisations are also recommended to test their data recovery and backup solutions frequently to ensure optimal success against such cyber attacks.

As workload goes digital, almost every organisation is vulnerable to 2021’s extortionware storm. The fact that a whopping $20 billion was paid as ransom by various organisations in 2020 (almost double its $11.5 billion estimate from 2019) further pleads the case for them to prioritise data protection and recovery strategies. As we head into a digital-first age, these practices also have the potential to become the bare minimum operating policies customers will look for themselves in any company, no matter its size or industry.

Keep On Reading

By Fleurine Tideman

Is BeReal dead? We asked two social media experts and the app’s COO to find out

By Charlie Sawyer

Republican lawmaker censured for saying mass shootings are god’s punishment for abortion rights

By Abby Amoakuh

Ariana Grande shakes off haters with new song as long-time stalker finally gets convicted

By Abby Amoakuh

Attention to all performative reading guys: here’s what your book selection says about you

By Abby Amoakuh

How this YouTuber known for viral pranks won a seat in the European elections 2024

By Abby Amoakuh

More than 30 female UK politicians targeted by deepfake porn campaign to humiliate them

By Fatou Ferraro Mboup

Shocking investigation reveals London special school pupils tortured in so-called calming rooms

By Charlie Sawyer

Conservatives are spreading dangerous misinformation about birth control on TikTok

By Charlie Sawyer

Emily Ratajkowski debuts divorce rings, symbolising the beginning of the loud breakup era

By Fatou Ferraro Mboup

Tradwife influencer uses racial slur in cooking video, unapologetic amid backlash

By Charlie Sawyer

Megan Fox accused of xenophobia after comparing bad photo of herself to Ukrainian blowup doll

By J'Nae Phillips

Exploring the rise of dental aesthetics and women’s grillz for Gen Z

By Malavika Pradeep

What is a femboy? Understanding this gender expression term

By Abby Amoakuh

The internet is obsessing over Bridgerton characters Benedict and Francesca’s sexualities 

By Abby Amoakuh

Remote Amazonian tribe reports aggressive sexual behaviour in young men after being exposed to internet

By Charlie Sawyer

Vivek Ramaswamy shares Taylor Swift conspiracy and Robert F. Kennedy Jr. denies OnlyFans rumour

By Fatou Ferraro Mboup

What is the viral red nail theory and does it actually work?

By Abby Amoakuh

Donald Trump versus Joe Biden: how will the candidates’ approach to student loans impact votes?

By Charlie Sawyer

OnlyFans models are using breastfeeding content as a loophole to bypass Instagram’s nudity policy

By Fatou Ferraro Mboup

Former Love Island contestant busted in £53 million cocaine smuggling operation