Extortionware is the latest criminal business model for modern-day hackers

By Malavika Pradeep

Published Mar 31, 2021 at 11:26 AM

Reading time: 4 minutes

The COVID-19 pandemic has driven most organisations either online or out of business. As companies forcefully embraced a digital workforce, they were tasked with securing their remote workload and data from a variety of online threats. Unfortunately, this was uncharted territory for many, which led to the creation of a breeding ground for cybercriminals. Presently, as cyberattacks stand at an all-time high, modern-day hackers seem to be employing a new business model to amplify the success of their attacks and ransoms: extortionware.

What is extortionware?

We’re all familiar with the term ‘ransomware’ at this point. Credited as one of the most common types of cyberattacks, cybercrime usually pans out with an infected email. When its attachments are opened by recipients, all the files housed on the computer and network become compromised and encrypted. The hacker then offers to de-encrypt the files at a price.

Ransomware was 2020’s weapon of choice until hackers realised the potential of extortionware. Even more difficult to predict and protect against, extortionware attacks usually target high-profile companies and personnel. Cybercrime is more about the retrieval of data than its destruction or encryption. Once hackers gain access to your system and extract sensitive information, demands are made, usually for money, followed by a threat. For example, criminals may send your company’s intellectual property to competitors or distribute embarrassing data online unless they’re paid.

The major concern with this sort of attack is that even regular backups won’t help you stay protected. Once hackers get their virtual hands on your porn stash, there is nothing you can do about it. Even if you pay the pressurised ransom, the move won’t guarantee the restoration of your data, not to mention your reputation.

An evolving criminal business model

Ransomware, coupled with extortionware, makes a sturdy criminal business model. The BBC noted the immense potential of this rising trend for “affecting companies not just operationally but through reputation damage.” This statement was made following up a group of hackers who posted a screen grab of an IT director’s secret porn stash.

In a blog post on the dark web, the cyber-criminal gang named the director whose work computer allegedly contained the files. The screen grab posted to the blog featured dozens of folders catalogued under the name of various porn stars and websites. “Thank God for (name of IT director),” the caption read, “While he was masturbating we downloaded several hundred gigabytes of private information about his company’s customers. God bless his hairy palms, Amen!”

However, the post has been deleted in the last couple of weeks—proof, which experts imply that “the extortion attempt worked and the hackers have been paid to restore the data and not publish any more details.”

“Extortionware is the new norm,” stated Brett Callow, a threat analyst at cyber-security company Emsisoft. In an interview with the BBC, he labelled these incidents as “no longer simply cyber-attacks about data” but “full-blown extortion attempts.” “Hackers are now actually searching the data for information that can be weaponised. If they find anything that is incriminating or embarrassing, they’ll use it to leverage a larger pay-out.”

The analyst has been following ransomware tactics for years and admitted to witnessing this shift in methods in late 2019. “It used to be the case that the data was just encrypted to disrupt a company, but then we started seeing it downloaded by the hackers themselves. It meant they could charge victims even more because the threat of selling the data on to others was strong.”

Just yesterday, Representative Matt Gaetz, Republican of Florida and a close ally of former President Donald J. Trump, came under federal investigation over alleged claims of sex trafficking and potentially having a sexual relationship with a 17-year-old. “What is happening is an extortion of me and my family involving a former Department of Justice official,” Gaetz said in an interview with Fox News. “On 16 March, my father got a text message demanding a meeting wherein a person demanded $25 million in exchange for making horrible sex trafficking allegations against me go away.”

The former congressman seeked help against the blackmailing from the local FBI and the Department of Justice (DOJ) who asked Gaetz’s dad to wear a wire to record further extortion phone calls. “Tonight I am demanding that the DOJ and FBI release the audio recordings that were made under their supervision which will prove my innocence and that will show that these allegations aren’t true—they’re merely intended to bleed my family out of money,” Gaetz added.

Protection is better than reaction

The Maze ransomware group became the most notorious cybercriminal group for using extortionware methods in 2020. If companies refused to pay Maze’s ransom fees, these hackers exposed their data online through continuous data leaks that made it next to impossible to know when they would stop.

Given how lucrative extortionware is for hackers and the fact that ‘work from home’ is set to become the new norm, the cyber attack genre will continue to grow as a favoured practice post-pandemic. However, there are steps that organisations can take to ensure their data is sealed air-tight against such malicious threats.

According to Security Magazine, end-user data, NAS systems, file shares, virtual machines and SaaS applications including Microsoft 365 are particularly vulnerable to extortionware attacks. To ensure cyber resilience and protect these large sets of data, organisations are recommended to implement a “holistic security strategy that incorporates both protection and recovery.” This includes the deployment of protective measures while empowering resilience to minimise downtime when an extortionware attack happens.

“A strong data management approach, coupled with a robust protection architecture that includes reliable backup and disaster recovery helps ensure these applications remain protected and easily recovered,” experts at Security Magazine advise. This involves increasing your network perimeter security with a firewall as well as installing anti-malware software both on personal and work computers along with regular data backups. Organisations are also recommended to test their data recovery and backup solutions frequently to ensure optimal success against such cyber attacks.

As workload goes digital, almost every organisation is vulnerable to 2021’s extortionware storm. The fact that a whopping $20 billion was paid as ransom by various organisations in 2020 (almost double its $11.5 billion estimate from 2019) further pleads the case for them to prioritise data protection and recovery strategies. As we head into a digital-first age, these practices also have the potential to become the bare minimum operating policies customers will look for themselves in any company, no matter its size or industry.

Keep On Reading

By Charlie Sawyer

The Mean Girls musical reboot trailer just dropped and it’s giving gen Z tryhard energy

By Alma Fabiani

Victoria’s Secret already ditches feminist makeover after sales drop

By Abby Amoakuh

Men are warming up to lip fillers and finding more than just one use for the injections

By Abby Amoakuh

Your friends can now help you choose your next boo on Tinder through the new Matchmaker feature

By Abby Amoakuh

Cocaine, goat blood and sex rituals: Jason Derulo accused of bizarre sexual harassment

By Alma Fabiani

Watch Dan Schneider’s 19-minute video response to Quiet on Set: The Dark Side of Kids accusations

By Fatou Ferraro Mboup

A triangle of sadness: The 3 biggest issues facing UK universities at the moment

By Abby Amoakuh

Austerity-era PM David Cameron appointed Foreign Secretary. Here’s what he’s been up to since his resignation

By Abby Amoakuh

Grave site for Megan Thee Stallion’s mother ramps up security after Nicki Minaj fans leak location

By Fatou Ferraro Mboup

Former Cloudflare employee Brittany Pietsch goes viral after filming brutal firing process

By Charlie Sawyer

2023 was Jeremy Allen White’s year. Why? Because being committed to the job is sexy

By Abby Amoakuh

White US politician tells primarily Black audience that her father born in 1933 was a white slave

By Abby Amoakuh

Kim Kardashian shows up with cameras for jury duty in gang murder case

By Fatou Ferraro Mboup

Millie Bobby Brown credits feminist awakening to psychic in controversial interview

By Abby Amoakuh

Oklahoma State Senator Dusty Deevers to criminalise watching porn with penalties of up to 20 years in prison

By Fatou Ferraro Mboup

Female students fear harassment after all-male committee form pro-life society in Manchester

By Charlie Sawyer

Deepfake videos of Taylor Swift and Selena Gomez used in elaborate Le Creuset online scam

By Charlie Sawyer

Will the Supreme Court banish Trump from the presidential ballot? Social media users have their say

By Charlie Sawyer

An acoustic guitar and the first chords of Wonderwall aka every girl’s worst dating nightmare

By Alma Fabiani

50 Cent is sponsoring an under-14 girls football team in Wales