3 Things to Know about Digital Extortion and Ransomware Evolution

digital extortion ransomware

Digital extortion is exactly what it sounds like: an online shakedown, not through physical violence but electronic coercion, by a malicious individual for a sum of cash. For enterprises, digital extortion most often takes the form of ransomware—a malicious program that infiltrates a network, encrypts its essential business files, and holds them hostage until the hacker is paid a sum of their demand. But digital extortion is a danger organizations and consumers alike must face; it’s becoming its own online danse macabre as it becomes the new default tactic of financially-motivated threat actors.

Here are 3 things you should know about digital extortion:

1. Digital Extortion isn’t just Ransomware

Imagine your enterprise’s online reviews: pretty positive overall, with a few glowing ones and the rare one from a dissatisfied customer or angry former employee. Now imagine that more and more negative reviews begin to filter in, until your company’s aggregate score drops into the unacceptable. You know that consumers consult these reviews before making their purchasing decisions, and that the negative critiques are driving a good number of them away.

Then an email arrives in your inbox: “Shame about those harsh reviews. Pay me $2,000,000 in bitcoin and they’ll stop.”

As shocking as this email might be, and as conspiratorial as it might sound, this is an actual occurrence that can absolutely happen to your enterprise. Celebrities are already dealing with coordinated social media harassment campaigns that won’t stop until the instigators are paid. Now businesses are dealing with the same tactics, with both industry-relevant review sites and social media platforms seeing deluges of pollution against major actors and organizations. In these cases,hackers are leveraging an enterprise’s reputation rather than their files for their digital extortion tactics. And as we’ve learned recently from the recent revelations about Equifax, a bad reputation can seriously damage your bottom line.

2. Enterprises are the Most Vulnerable to the New Attack Wave

What did WannaCry, EREBUS, and PETYA have in common?

Lots of things, to be sure. They each inflicted massive damage throughout the world, all of them were some variation of ransomware that spread like wildfire, and all of them received kind a lot of mainstream press.

But beyond that, the crucial similarity between them is that they all targeted enterprises; more accurately, they were all specifically designed to hurt enterprises’ everyday business processes. WannaCry and EREBUS’s designs allowed them to spread across organizations’ networks through a Windows Server Message Block exploit, find critical enterprise files, and encrypt them. PETYA’s programming specifically made decryption harder for enterprise-critical files.

The new breed of digital extortion therefore is designed to wreck as much havoc as possible in office settings. And with innovations in spear phishing and general email-blast phishing campaigns, every employee endpoint is another potential infection vector for digital extortion attacks that could cost your company millions.  

3. Digital Extortion is Evolving…Quickly

Endpoint security vendor Trend Micro predicts that digital extortion techniques will evolve beyond traditional business-file encryption as more hackers realize that it is a faster and more profitable venture than credential theft. The reputation attacks discussed above is one symptom of this trend, but evidence suggests it will go even further.  

For example, the Industrial Internet of Things (IIOT) is a potentially massive vulnerability for almost every enterprise. Manufacturing plants and assembly-line robots often have legacy systems designed with no inherent security system and diverse hardware that is near impossible to patch. Hackers can easily take advantage of these security holes and completely shut down your enterprises’ production line until the ransom is paid. Now hackers can hurt you in the real world as well as the digital one.  

Even traditional ransomware attacks are predicted to undergo a costume change to account for the new era. Phishing emails will start delivering ransomware automatically rather than diverting victims to a fake login site, saving hackers time and effort. Ransomware that once disguised itself as a message from the FBI or IRS may start wearing the skin of a GDPR enforcer—or threatening to report enterprises for GDPR infractions—to terrify victims with the prospect of GDPR’s fines.

In summary, the face of digital extortion will change, but every mask it wears still has its eyes locked on your bank account.

What Should Your Enterprise Do?

First, finding a solution provider really is the first step to protecting your business from the most common digital extortion infection vectors. Second, invest in fully training your employees and management staff on good digital hygiene techniques such as how to spot spear phishing tactics and how to recognize social engineering attacks. This will take time and money, but consider these a short-term investment for long-term security and peace of mind. The alternative is far more expensive.  

Ben Canner
Follow me

Leave a Reply

Your email address will not be published. Required fields are marked *