When a technology company was hit by a Distributed Denial of Service (DDoS) attack by a hacker who had gained control of one of its critical control panels, it was asked to be paid in exchange for returning control to its operations. The company chose not to comply with the extortionists and instead worked to recover its account by changing passwords. Unfortunately, the hackers had created backup logins to the panel and started randomly deleting files once they saw the company’s actions. This example of cyber extortion, unfortunately, put the company out of business.
Extortion as a result of a cyber attack is becoming more and more common for all business types and sizes. One reason for the increase in incidents is that end-user software like Cryptolocker has commoditized the malware industry, making it accessible to a wider variety of criminals and less-skilled hackers.
Cyber criminals, for the purposes of extortion, can threaten to shut down computer systems or erase data, infect a company with a virus, publish private information or personally identifiable information on customers or employees, institute a denial-of-service attack or take over social media accounts.
Continue reading
