Extortionware is the latest criminal business model for modern-day hackers

By Malavika Pradeep

Published Mar 31, 2021 at 11:26 AM

Reading time: 4 minutes

The COVID-19 pandemic has driven most organisations either online or out of business. As companies forcefully embraced a digital workforce, they were tasked with securing their remote workload and data from a variety of online threats. Unfortunately, this was uncharted territory for many, which led to the creation of a breeding ground for cybercriminals. Presently, as cyberattacks stand at an all-time high, modern-day hackers seem to be employing a new business model to amplify the success of their attacks and ransoms: extortionware.

What is extortionware?

We’re all familiar with the term ‘ransomware’ at this point. Credited as one of the most common types of cyberattacks, cybercrime usually pans out with an infected email. When its attachments are opened by recipients, all the files housed on the computer and network become compromised and encrypted. The hacker then offers to de-encrypt the files at a price.

Ransomware was 2020’s weapon of choice until hackers realised the potential of extortionware. Even more difficult to predict and protect against, extortionware attacks usually target high-profile companies and personnel. Cybercrime is more about the retrieval of data than its destruction or encryption. Once hackers gain access to your system and extract sensitive information, demands are made, usually for money, followed by a threat. For example, criminals may send your company’s intellectual property to competitors or distribute embarrassing data online unless they’re paid.

The major concern with this sort of attack is that even regular backups won’t help you stay protected. Once hackers get their virtual hands on your porn stash, there is nothing you can do about it. Even if you pay the pressurised ransom, the move won’t guarantee the restoration of your data, not to mention your reputation.

An evolving criminal business model

Ransomware, coupled with extortionware, makes a sturdy criminal business model. The BBC noted the immense potential of this rising trend for “affecting companies not just operationally but through reputation damage.” This statement was made following up a group of hackers who posted a screen grab of an IT director’s secret porn stash.

In a blog post on the dark web, the cyber-criminal gang named the director whose work computer allegedly contained the files. The screen grab posted to the blog featured dozens of folders catalogued under the name of various porn stars and websites. “Thank God for (name of IT director),” the caption read, “While he was masturbating we downloaded several hundred gigabytes of private information about his company’s customers. God bless his hairy palms, Amen!”

However, the post has been deleted in the last couple of weeks—proof, which experts imply that “the extortion attempt worked and the hackers have been paid to restore the data and not publish any more details.”

“Extortionware is the new norm,” stated Brett Callow, a threat analyst at cyber-security company Emsisoft. In an interview with the BBC, he labelled these incidents as “no longer simply cyber-attacks about data” but “full-blown extortion attempts.” “Hackers are now actually searching the data for information that can be weaponised. If they find anything that is incriminating or embarrassing, they’ll use it to leverage a larger pay-out.”

The analyst has been following ransomware tactics for years and admitted to witnessing this shift in methods in late 2019. “It used to be the case that the data was just encrypted to disrupt a company, but then we started seeing it downloaded by the hackers themselves. It meant they could charge victims even more because the threat of selling the data on to others was strong.”

Just yesterday, Representative Matt Gaetz, Republican of Florida and a close ally of former President Donald J. Trump, came under federal investigation over alleged claims of sex trafficking and potentially having a sexual relationship with a 17-year-old. “What is happening is an extortion of me and my family involving a former Department of Justice official,” Gaetz said in an interview with Fox News. “On 16 March, my father got a text message demanding a meeting wherein a person demanded $25 million in exchange for making horrible sex trafficking allegations against me go away.”

The former congressman seeked help against the blackmailing from the local FBI and the Department of Justice (DOJ) who asked Gaetz’s dad to wear a wire to record further extortion phone calls. “Tonight I am demanding that the DOJ and FBI release the audio recordings that were made under their supervision which will prove my innocence and that will show that these allegations aren’t true—they’re merely intended to bleed my family out of money,” Gaetz added.

Protection is better than reaction

The Maze ransomware group became the most notorious cybercriminal group for using extortionware methods in 2020. If companies refused to pay Maze’s ransom fees, these hackers exposed their data online through continuous data leaks that made it next to impossible to know when they would stop.

Given how lucrative extortionware is for hackers and the fact that ‘work from home’ is set to become the new norm, the cyber attack genre will continue to grow as a favoured practice post-pandemic. However, there are steps that organisations can take to ensure their data is sealed air-tight against such malicious threats.

According to Security Magazine, end-user data, NAS systems, file shares, virtual machines and SaaS applications including Microsoft 365 are particularly vulnerable to extortionware attacks. To ensure cyber resilience and protect these large sets of data, organisations are recommended to implement a “holistic security strategy that incorporates both protection and recovery.” This includes the deployment of protective measures while empowering resilience to minimise downtime when an extortionware attack happens.

“A strong data management approach, coupled with a robust protection architecture that includes reliable backup and disaster recovery helps ensure these applications remain protected and easily recovered,” experts at Security Magazine advise. This involves increasing your network perimeter security with a firewall as well as installing anti-malware software both on personal and work computers along with regular data backups. Organisations are also recommended to test their data recovery and backup solutions frequently to ensure optimal success against such cyber attacks.

As workload goes digital, almost every organisation is vulnerable to 2021’s extortionware storm. The fact that a whopping $20 billion was paid as ransom by various organisations in 2020 (almost double its $11.5 billion estimate from 2019) further pleads the case for them to prioritise data protection and recovery strategies. As we head into a digital-first age, these practices also have the potential to become the bare minimum operating policies customers will look for themselves in any company, no matter its size or industry.

Keep On Reading

By Abby Amoakuh

Black models boycott Melbourne Fashion Week to protest racial discrimination

By Fleurine Tideman

Revving my engines: Can women find F1 drivers sexy and simultaneously enjoy the sport?

By Fleurine Tideman

Is BeReal dead? We asked two social media experts and the app’s COO to find out

By Abby Amoakuh

Gen Z girlies are rushing to freeze their eggs: Everything you need to know about the new trend

By Abby Amoakuh

Inside Just Stop Oil training sessions where new recruits are taught how to deal with angry drivers 

By Charlie Sawyer

Topicals brand trip goes viral after Nella Rose claims influencers were subjected to racism and Islamophobia

By Charlie Sawyer

Are UK-based citizens actually going to be forced into mandatory conscription?

By Abby Amoakuh

Grave site for Megan Thee Stallion’s mother ramps up security after Nicki Minaj fans leak location

By Fatou Ferraro Mboup

Lego urges California police department to stop using its toy heads for mugshot images

By Charlie Sawyer

Fans predict Kris Jenner will oust Alabama Barker from the Kardashian family

By Fatou Ferraro Mboup

NHS starts testing weight loss pill with gastric balloon inside for the first time

By Abby Amoakuh

Videos circulate of CEO Sanjay Shah dying in freak accident in front of 700 people at company party

By Louis Shankar

Nex Benedict’s tragic death proves the US and UK have learnt nothing about inclusivity in schools

By Alma Fabiani

Alicia Keys surprises London commuters with piano performance at St Pancras train station

By Charlie Sawyer

TikToker Cliff Tan shares his tips on how to feng shui your room for love ahead of Valentine’s Day

By Jack Ramage

What is bone smashing? Incelism’s newest and most dangerous beauty trend

By Abby Amoakuh

VICE’s attempt to call that viral London pub culture TikTok art is giving high-key millennial cringe

By Charlie Sawyer

Singer Luke Combs sickened to hear about his team’s $250K lawsuit against loyal fan, offers to help

By Charlie Sawyer

Understanding the sneaky link: Meaning of the dating trend beyond the hook-up

By Abby Amoakuh

Griselda Blanco’s son Michael reveals new Netflix series is inaccurate and files lawsuit