The new era of cyber extortion

Secret data can also be a honeypot for cyber extortionists. Banks conceal the actual scope of credit card fraud. Criminals can blackmail politicians and large corporations because they have secrets. The attack surface is huge, so we should efficiently respond to these processes.

What can we do now? It’s a good idea to try to make cyber extortion unprofitable. We should stop paying and tell the world about it. People and organizations are already stating upfront that they will not pay. Ransomware attack paralyzed Lincolnshire County Council network. The Council’s representative said they would not pay up. Similarly, several premium email providers hit by DDoS attacks refused to submit ransoms.

Law enforcement agencies should take down the underground infrastructureas often as possible. It’s not easy but worthwhile. The takedown of CryptoLocker back in 2014 is a good example. The attackers should stop thinking that they are beyond the reach of law enforcement. Negotiating the price, taking time and trying to wheedle more info out of the scammers – that’s what can also help track them down. They are usually young and unprofessional, and they make a lot of mistakes. Another vector has to do with the operation of crypto-currency companies. They should be more regulated and monitored, at least, when it comes to ransomware investigation cases.

The next step is to enhance computer users’ security awareness. People should exercise more caution concerning things like suspicious email attachments. Backups should become a good habit. Backups can resolve all problems associated with encrypted or infected files.

Users hit by ransomware should not pay immediately. Psychological factors have always played significant roles in blackmail scenarios. Stresspreventsvictims fromadequately weightingup the risks. The shock factor should not distract us from dissecting the situation soberly and implementing all possible recovery options.

The concept of cyber extortion hasn’t reached the peak of its maturity. The security industry and users should take this into account andpreparefor future attacks.