Cyber Extortion: What Is It and What’s the Risk to Your Business?

Michael Tunstall

August 9, 2024

Cyber Extortion: What Is It and What’s the Risk to Your Business?

Cyber extortion is a topic that’s been making headlines and causing many sleepless nights. Is it something on your radar? It should be, as it could one day affect your business.

What Is Cyber Extortion?

Cyber extortion is a form of cybercrime where criminals threaten to harm your business by compromising its data and digital assets unless a ransom is paid. Often, these threats involve ransomware—a malicious software that encrypts your data, rendering it inaccessible until you pay the ransom.

In some cases, cybercriminals take it a step further by stealing data and threatening to release it publicly on dark web leak sites if their demands aren’t met. This tactic, known as double extortion, is becoming increasingly common.

According to a 2024 report, the number of victims of cyber extortion scams has surged by 77% over the past year. Small businesses are four times more likely to be targeted than larger enterprises. This is a concerning trend, particularly as smaller businesses often have fewer resources to defend against such attacks.

In the first quarter of this year alone, 1,046 businesses fell victim to double extortion. While this figure may not seem overwhelming, the actual number is likely much higher, as many cases go unreported, hidden in what experts refer to as the "dark number."

The reality is that all businesses, regardless of size or industry, are potential targets. However, certain sectors are more frequently attacked. Manufacturing, professional, scientific, and technical services, along with wholesale trade, are at the top of the list. Alarmingly, the healthcare and social assistance sectors are also experiencing a significant rise in attacks, despite the potential societal and political repercussions.

Cybercriminals are opportunistic and strategic, targeting regions with strong economic growth and shared languages. For example, cyber extortion attacks in the UK have increased by 96%.

While the rise in cyber extortion is concerning, there are steps you can take to protect your business. Here are some key strategies:

Back Up Your Data: Ensure you have a robust backup plan. Store your critical data in an offline or offsite location and regularly test your backup restoration process.

Keep Software Updated: Make sure all your devices are running the latest software, especially those connected to the internet.

Implement Multi-Factor Authentication (MFA): Strengthen your access controls with MFA. This adds an extra layer of security by requiring multiple forms of verification before access is granted (such as a code on a separate device). Also, limit user access to only the systems they need for their role.

Patch and Vulnerability Management: Regularly update your systems to fix any security vulnerabilities. Cybercriminals often exploit known weaknesses, so staying on top of patches can prevent many attacks.

By understanding what cyber extortion is and how it operates, you can better prepare your business to defend against it. The key is to be proactive.

If you need assistance in preparing your business and keeping it safe, get in touch.

<All Posts