Understanding Cyber Extortion and How to Protect Your Business
On May 7, 2021, a ransomware attack forced Colonial Pipeline, operator of the largest refined-fuel pipeline system in the U.S., to shut its pipeline down. The system carries roughly 45% of the fuel consumed on the East Coast, and the days-long outage caused shortages of gasoline, diesel, home heating oil, and jet fuel across the region and disrupted supplies to military facilities.
In the aftermath, on June 3, 2021, the U.S. Department of Justice announced that it intends to give ransomware investigations a priority similar to terrorism cases.
Ransomware-based extortion has been on the radar since about 2013, when the first widespread crypto-ransomware campaigns appeared, but for years it was treated as a relatively minor, opportunistic nuisance comparable to other untargeted malware. In recent years, criminal groups have shifted to targeted, aggressive operations (hand-picked victims, data theft before encryption, and ransom demands sized to the victim's revenue) that have crippled thousands of organizations worldwide.
Business leaders need to be aware of the rising threat of ransomware and prepare accordingly. To better understand this specific threat, let's look at what cyber extortion is, how it could affect your business, and which methods of protection are most effective.
What Is Cyber Extortion?
Cyber extortion is an umbrella term for a wide array of cybercrimes. It occurs when criminals threaten to disable a target business's operations, or to expose its confidential data, unless they receive a payment.
The two most common forms of cyber extortion are ransomware and DDoS (Distributed Denial of Service) attacks.
Ransomware is a type of malware ("malicious software"). It typically arrives through phishing emails, compromised or malicious websites, or exposed remote-access services such as RDP and VPN gateways protected only by weak or stolen credentials. Once a victim opens a malicious attachment or link, the malware runs, spreads across the network wherever it can, and encrypts files, rendering computers and servers unusable. The attackers then leave a ransom note offering to sell the decryption key for a fee, usually payable in cryptocurrency.
In a DDoS attack, many compromised computers (a botnet) flood a single target with traffic. The goal is to exhaust the target's bandwidth or servers so that its website or network becomes unusable. Depending on the business, this downtime can cause significant financial losses.
DDoS and ransomware are often used in tandem. Criminals frequently demand a fee to call off a threatened DDoS attack, sometimes after a short demonstration attack to prove they can do it. Ransomware groups, for their part, increasingly steal data before encrypting it so that they can also threaten to publish sensitive or confidential information, which can expose the victim to regulatory penalties and lawsuits.
The Cost of Cyber Extortion and Associated Risks
During the COVID-19 pandemic, businesses became more vulnerable than ever to cyberattacks. As people shifted to working from home and companies moved the bulk of their everyday workload online, the attack surface grew faster than the controls protecting it.
In 2020, tracked ransomware payments reached nearly $350 million, a 311% increase over 2019. Because this figure covers only payments that analysts could trace on the blockchain, the true total is higher. A 2021 Global Market Report estimated that cybercrime will cost businesses as much as $600 billion.
Cybercrime is lucrative and highly organized: in 2020, just 199 cryptocurrency deposit addresses received 80% of all tracked ransomware payments.
The average ransom was around $170,404 per attack, while the average total cost of recovering from an attack (downtime, staff time, replacement devices and network costs, lost business, and any ransom paid) rose from $761,106 in 2020 to $1.85 million in 2021, according to Sophos' State of Ransomware 2021 report. Paying is not a shortcut around those recovery costs: the same survey found that organizations that paid recovered only about 65% of their data on average, and only 8% got all of it back.
The high cost of recovery makes it tempting to pay, which marks the victim as a willing payer and funds the next wave of attacks. Paying also carries legal risk: Reuters has reported that companies giving in to demands may face legal ramifications, and the U.S. Treasury's Office of Foreign Assets Control (OFAC) has warned that payments that reach sanctioned actors can violate U.S. sanctions law even when the victim does not know who it is paying.
Is Your Business Vulnerable to Cyber Extortion?
Cyber extortion affects every industry, business size, and country. According to Arete Incident Response, the most heavily targeted industries in 2020 were professional services such as law, accounting, and real estate (34.45%), the public sector (17.79%), and manufacturing (14.72%).
Less affected but still at risk were healthcare (12.13%), technology (8.89%), and finance (6.89%).
Any business that relies on email, internet-facing systems, or shared data storage is susceptible to cyber extortion.
The more expensive each hour of downtime is, the more likely a business is to pay. However, paying puts the business on the criminals' list of known payers, which is traded among groups. Companies that give in and pay are therefore likely to be targeted again and to keep losing money as a result.
How to Protect Your Business from Cyber Extortion
Given the rising threat of cybercrime, it's crucial to start improving your systems and procedures to deal with the ever-evolving dangers. Let's cover the methods and procedures that experts consider effective against cyber extortion and cybercrime in general.
Keep in mind that no method is foolproof and that cybersecurity requires constant dedication and investment to keep your business protected.
Employee Training and Education
Social engineering is behind the overwhelming majority of attacks: Proofpoint's 2019 Human Factor report found that more than 99% of the attacks it observed depended on a human action such as opening an attachment, clicking a link, or entering credentials. Phishing, the most common form of social engineering, spreads malware through infected email attachments and links to malicious websites, and harvests the passwords that let attackers walk in through remote-access services.
Cyberattacks are automated to varying degrees. Some malicious emails are blasted indiscriminately to huge mailing lists, while others (spear phishing) are carefully tailored to resemble a colleague's, supplier's, or executive's routine correspondence, with matching design, wording, and signature, to deceive even careful employees.
This is why employee training and education are crucial to protecting your business. Simple habits, such as recognizing the hallmarks of a phishing email, verifying any unusual payment or credential request through a second channel (a phone call to a number you already have, not one in the email), and not posting sensitive details about the company on social media, significantly reduce the risk. Cybersecurity training modules tailored to your business go a long way toward keeping it safe.
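The header-level signs of a phishing email discussed above can be checked mechanically before a message reaches anyone's inbox. The following Python script is an added example and is not part of the original article: it flags sender domains that imitate the company's own, Reply-To addresses that divert replies elsewhere, failed SPF/DKIM/DMARC results recorded by the mail gateway, and pressure language in the subject or body. It assumes the company's own domain is example.com and that inbound mail passes through a gateway that writes an Authentication-Results header; the two sample messages are constructed for the example.

```python
"""Header-based phishing triage (added example, standard library only).

Assumptions: the organisation's own domain is example.com, and inbound mail
passes through a gateway that adds an Authentication-Results header.
The two sample messages are constructed for this example.
"""
from __future__ import annotations

import re
from email import message_from_string
from email.policy import default
from email.utils import parseaddr

TRUSTED_DOMAINS = {"example.com"}          # assumption: our own domain(s)
PRESSURE_PHRASES = ("urgent", "immediately", "wire transfer", "gift card",
                    "password expires", "account suspended")


def normalize(domain: str) -> str:
    """Fold common look-alike substitutions, so that 'examp1e.com' and
    'exarnple.com' both collapse to 'example.com'."""
    d = domain.lower().replace("rn", "m").replace("vv", "w")
    return d.translate(str.maketrans("0135", "oles"))


def registrable(domain: str) -> str:
    """Naive registrable part (last two labels); a real deployment would use
    the public suffix list so that 'example.co.uk' is handled correctly."""
    return ".".join(domain.lower().split(".")[-2:])


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_lookalike(domain: str, trusted: set[str] = TRUSTED_DOMAINS) -> bool:
    """True if `domain` imitates a trusted domain without being one."""
    domain = domain.lower()
    if domain in trusted or registrable(domain) in trusted:
        return False                         # ours, or a subdomain of ours
    full, reg = normalize(domain), normalize(registrable(domain))
    for t in map(normalize, trusted):
        if full.startswith(t + "."):         # example.com.evil.net
            return True
        if reg == t or edit_distance(reg, t) == 1:
            return True                      # digit/homoglyph swap or a typo
    return False


def triage(raw: str, trusted: set[str] = TRUSTED_DOMAINS) -> list[str]:
    """Return human-readable findings for one RFC 5322 message; [] means clean."""
    msg = message_from_string(raw, policy=default)
    findings: list[str] = []

    name, addr = parseaddr(str(msg["From"] or ""))
    from_domain = addr.rpartition("@")[2]
    if is_lookalike(from_domain, trusted):
        findings.append(f"sender domain imitates ours: {from_domain}")

    # Display-name spoofing: the visible name carries a different address.
    m = re.search(r"[\w.+-]+@[\w.-]+", name)
    if m and m.group(0).lower() != addr.lower():
        findings.append(f"display name shows {m.group(0)} but sender is {addr}")

    reply_to = parseaddr(str(msg["Reply-To"] or ""))[1]
    if reply_to and registrable(reply_to.rpartition("@")[2]) != registrable(from_domain):
        findings.append(f"Reply-To diverts answers to {reply_to}")

    auth = str(msg["Authentication-Results"] or "").lower()
    for check in ("spf", "dkim", "dmarc"):
        if f"{check}=fail" in auth:
            findings.append(f"{check} failed at the mail gateway")

    body = msg.get_body(preferencelist=("plain",))
    text = (str(msg["Subject"] or "") + " " + (body.get_content() if body else "")).lower()
    hits = [p for p in PRESSURE_PHRASES if p in text]
    if hits:
        findings.append("pressure language: " + ", ".join(hits))
    return findings


# Constructed sample messages (not real mail).
PHISH = """From: "Jane Doe (CEO)" <ceo@examp1e.com>
Reply-To: finance-desk@mail-secure.net
To: accounts@example.com
Subject: URGENT wire transfer before 5pm
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=examp1e.com; dkim=none; dmarc=fail header.from=examp1e.com

Please process the wire transfer immediately and confirm by reply.
"""

LEGIT = """From: "Jane Doe" <jane.doe@example.com>
To: accounts@example.com
Subject: Q3 invoices attached
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass; dmarc=pass

Hi, the Q3 invoice batch is attached for review. Thanks.
"""

if __name__ == "__main__":
    for label, sample in (("phish", PHISH), ("legit", LEGIT)):
        print(label, triage(sample) or ["no findings"])
```

A script like this belongs at the mail gateway, where it can quarantine or tag messages before they reach a person; it complements training rather than replacing it, because a well-crafted spear-phishing message from a genuinely compromised supplier account will pass every one of these checks.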
Set up Protocols and Have an Effective Firewall
One way of reducing the risk of human error is establishing company-wide cybersecurity protocols:
Enforce spam and malware filtering at the mail gateway rather than relying on each employee to switch on a filter, so that fewer malicious messages reach any inbox in the first place.
Keep client payment card details and other sensitive data encrypted at rest and accessible only to the employees whose role actually requires it.
Enforce strong, unique passwords technically (minimum length, a company password manager, and a block on known breached passwords) instead of trusting employees to invent good ones, and require multi-factor authentication for email, remote access, and all administrative accounts.
Patch operating systems, applications, and security software promptly. Unpatched and end-of-life software is an easy target for attackers.
A firewall adds a technical control on top of these procedures. It is the gatekeeper for traffic entering and leaving your network: a default-deny policy for inbound traffic stops attackers from reaching internal services directly, and outbound rules make it harder for malware to contact its operators. Firewalls between internal network segments also slow an intruder's lateral movement, so that a single infected laptop cannot reach every file server and backup system. A firewall does not, however, decide which employees may open which files; that is the job of access control, and the principle there is the same: grant each person only the access their work requires, so that a compromised account yields the attacker as little as possible.
Consider a VPN for Remote Workers
When all of your employees work from the office, their traffic passes through the corporate firewall, where incoming and outgoing connections can be monitored. Once employees work remotely, their devices sit on networks you do not control, and your business becomes much more exposed.
Employees using free Wi-Fi in coffee shops, restaurants, friends' houses, and the like are a real security hazard, and the variety of home networks and devices makes it nearly impossible to guarantee a consistent level of protection. A VPN (virtual private network) mitigates part of this risk: it encrypts the traffic between the remote device and your network, so that whoever runs the coffee shop's Wi-Fi cannot read or tamper with it, and it routes that traffic through the same firewall and monitoring that office users get. Having everyone use the same VPN makes remote working uniform and easier to oversee, though it does not remove human error. Two caveats matter: VPN gateways are themselves a favourite entry point for ransomware operators, so keep them patched and require multi-factor authentication to connect; and a VPN protects the connection, not the laptop, so a device that is already infected simply carries the infection into the company network.
Back Up Your Data
It's always a good idea to back up your data. Regular backups are one of the most cost-effective protections available and let a company keep running even if its data is compromised. If a computer is infected with ransomware despite your precautions, a good backup lets you decline to pay and restore what you need. Bear in mind that a backup restores operations but does nothing against the second threat mentioned earlier, the publication of stolen data.
For backups to work, you need a separate backup procedure. Back up to a portable device or cloud storage daily, and keep daily, weekly, monthly, quarterly, and yearly copies so that a corrupted or encrypted file that went unnoticed for weeks can still be recovered. Keep at least one copy offline or otherwise immutable and under separate credentials: ransomware operators routinely hunt for and delete or encrypt any backup reachable with the accounts they have stolen. Check regularly that the backup data is complete and actually restorable by performing test restores, not just by reading the job's success message. Finally, make sure cloud-based backups are encrypted and that the backup account is protected with multi-factor authentication.
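The rotation and restore checks described above, as an added example that is not part of the original article, in Python using only the standard library: make_backup writes a small tar archive and records its SHA-256 digest, verify_restore rejects a backup that has been tampered with or that restores to the wrong files, and select_retained implements the daily/weekly/monthly/yearly rotation by deciding which dated backups to keep. The archive contents and the backup dates are constructed for the example; in practice the digest would be stored somewhere the backup account cannot write to.

```python
"""Backup rotation and restore verification (added example, standard library only).

Assumptions: each backup is a tar archive whose SHA-256 digest was recorded
out of band when it was written, and the schedule is the daily/weekly/monthly/
yearly rotation described above. All files and dates here are constructed.
"""
from __future__ import annotations

import hashlib
import io
import tarfile
from datetime import date, timedelta


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def make_backup(files: dict[str, bytes]) -> tuple[bytes, str]:
    """Write an in-memory tar archive and return (archive, digest)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, content in sorted(files.items()):
            info = tarfile.TarInfo(name)
            info.size = len(content)
            tar.addfile(info, io.BytesIO(content))
    archive = buf.getvalue()
    return archive, sha256_hex(archive)


def verify_restore(archive: bytes, digest: str, expected: dict[str, bytes]) -> bool:
    """A backup only counts if it is intact AND restores to the original data.
    The digest check catches corruption or tampering; the restore check catches
    a job that silently wrote an empty or already-encrypted archive."""
    if sha256_hex(archive) != digest:
        return False
    try:
        with tarfile.open(fileobj=io.BytesIO(archive), mode="r") as tar:
            restored = {m.name: tar.extractfile(m).read()
                        for m in tar.getmembers() if m.isfile()}
    except tarfile.TarError:
        return False
    return restored == expected


def select_retained(backup_dates, today: date, daily: int = 7, weekly: int = 4,
                    monthly: int = 12, yearly: int = 3) -> set[date]:
    """Grandfather-father-son rotation: keep every backup from the last `daily`
    days, plus the newest backup of each of the most recent `weekly` ISO weeks,
    `monthly` calendar months and `yearly` years that contain a backup.
    Everything else is eligible for deletion."""
    dates = sorted(set(backup_dates))
    keep = {d for d in dates if 0 <= (today - d).days < daily}

    def newest_per_period(key, n):
        newest = {}
        for d in dates:                  # ascending, so the last write wins
            newest[key(d)] = d
        return {newest[p] for p in sorted(newest)[-n:]}

    keep |= newest_per_period(lambda d: tuple(d.isocalendar()[:2]), weekly)
    keep |= newest_per_period(lambda d: (d.year, d.month), monthly)
    keep |= newest_per_period(lambda d: d.year, yearly)
    return keep


def demo_restore() -> tuple[bool, bool, bool]:
    """(good backup, tampered archive, empty archive) -> (True, False, False)."""
    files = {"ledger.csv": b"id,amount\n1,100\n", "notes.txt": b"quarterly close\n"}
    archive, digest = make_backup(files)
    tampered = bytearray(archive)
    tampered[0] ^= 0xFF                  # a single flipped byte must be detected
    empty, empty_digest = make_backup({})
    return (verify_restore(archive, digest, files),
            verify_restore(bytes(tampered), digest, files),
            verify_restore(empty, empty_digest, files))


def demo_retention() -> list[str]:
    """Daily backups for 1 Jan to 30 Jun 2021, pruned as of 30 Jun 2021."""
    start = date(2021, 1, 1)
    backups = [start + timedelta(days=i) for i in range(181)]
    return sorted(d.isoformat() for d in select_retained(backups, date(2021, 6, 30)))


if __name__ == "__main__":
    print("restore checks:", demo_restore())
    print("retained:", demo_retention())
```

With 181 daily backups, the rotation keeps 14: the last seven days, the two older week-ends that fall outside that window, and the month-end copies for January through May. The point of the empty-archive case is the one that bites real organizations: a backup job that reports success while writing nothing useful, which is only discovered on the day the ransom note appears.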
Invest in Cyber Insurance
Given the increased cyber risks, a cyber insurance policy is a wise investment for most businesses. It is a financial backstop rather than a technical control: a policy covers financial losses caused by a cyberattack and, depending on its terms, liability claims filed against you when third parties suffer losses because of your data breach or downtime.
Most insurers also help during and after an attack by engaging and paying for incident response specialists, legal counsel, and negotiators who help you contain the damage and improve your security. The premium depends on your business size, annual revenue, and security posture, so the price is often more reasonable than you'd expect.
Before deciding on coverage, read the policy carefully. Know exactly which incidents are covered, whether ransom payments and business interruption are included, and what you must do before filing a claim. Ask your broker what counts as negligence on your part, and note that insurers increasingly require baseline controls, such as multi-factor authentication and tested offline backups, as a condition of issuing or renewing a policy. Set up procedures now so that cooperation with the insurer is smooth when an incident occurs.
When purchasing a policy to protect your business from cybercrime, it's crucial to work with the right insurance broker to secure the right coverage for your specific needs. A dedicated broker will help you obtain the right amount of coverage, without gaps or hidden pitfalls, and without overpaying.
If you want to understand how you can transfer the risk of cyber extortion to your insurer, feel free to reach out to one of our expert brokers at any time.