Technology has grown leaps and bounds over the years and so have the hackers and cybercriminals trying to bust computer systems across the world. We need to stop being a victim of cyber extortion. Earlier in the first half of 2020, we witnessed nearly 36 billion records exposed due to data breaches.
Hackers are known to use vulnerabilities in the system to breach and collect information or leak private data. According to Cybersecurity experts, global cybercrime cost is estimated to increase by 15% per year over the next five years. It will reach $10.5 trillion USD annually by 2025, up from $3 trillion USD in 2015.
Cyber attacks are occurring every day, organizations across the world are paying ransom money for access to decryption tools. With malicious attacks taking place every 39 seconds we need to stop being a victim of cyber extortion.
What is Cyber Extortion?
Cyber Extortion takes place when cybercriminals hack into computer systems. They gain access to valuable information on the computer systems, and demand ransom in the form of bitcoins or money in return for a decryption tool, removal of malware, or revoke access to your system. Hackers generally are known to break into computer software or a network via ransomware or distributed denial-of-service (DDoS).
Often victims are forced to pay up as hackers threaten to make their leaked information public if they fail to comply.
Types of Cyber Extortion
- Ransomware: Hackers use this method where the victims are tricked into clicking a link or a popup ad. This opens a corrupt file, generally sent via email or visiting a site. A ransomware attack can bring down a company’s website, computer, or an entire network.
- Distributed denial-of-service (DDoS): DDoS is deployed by cybercriminals via a network of infected computer systems. They send floods of internet traffic which shuts down the website, server, or computer system. It is caused due to massive internet traffic on the network, attackers usually stop DDoS attacks after the victim pays up.
- Email-based cyber extortion: In this form of cyber extortion, the victims receive an email demanding them to pay a ransom within a stipulated time frame. Failing to meet the deadline hackers threaten to make their personal information public. Ransom amounts can range anywhere from $250 to $1,200 in bitcoin or other currency.
How to Stop Being A Victim of Cyber Extortion?
- Defense against DDoS: Organisations should have defense mechanisms in place to protect themselves against DDoS attacks. They should be able to absorb and avoid such malicious attacks that often end up slowing down your systems. Cybercriminals don’t always need access to data to hold your business hostage.
- Know your Data: You need to know where your sensitive data resides. This is the most important question as they need to know the amount and location of the data.
- Backup: Having a good Backup Management plan in place is key. In times of crisis, it can turn out to be your best friend. It is a good idea to maintain a backup in multiple locations, storing on the cloud can turn out to be crucial at times when the systems are under attack.
- Access Level: Creating limited data access level i.e. limiting employees from having access to sensitive information. This helps in implementing legal compliance and narrows accountability.
- Security: Keeping your data secure is important. This can be done by using firewalls and antivirus software. This will keep external threats from getting access to your system to begin with.
- Intrusion detection tools: Early detection of breaches can prove vital, placing monitoring and breach prevention tools can help. A dedicated team of personnel can easily be able to detect a breach as soon as possible with help from these tools.
- Educate the Employees: It is important to educate your employees about security threats, phishing, etc, Most of the breaches are caused due to human errors. This can be eliminated to a certain extent if your staff is trained to be tech-savvy will reduce potential risk.
- Keeping your Systems Updated: It is important to keep your routers, switches, and system updated with the latest updates and patches. This can certainly help in preventing cyber attacks.
- Understand the Plan: Last but not least you need to follow your plan. The IT team needs to exactly know what steps to take in case of a data breach. Which personnel or team will do what in times of crisis, this will certainly help them tackle the situation efficiently and without panic.