When cybercriminals hijack your data or website and demand a ransom, you become a victim of cyber extortion. Attacks and payments are on the rise, with some businesses paying nearly $800,000 to regain access to their resources. We’ll explain how cyber extortion works and what you can do to prevent it.
Cyber extortion happens when a bad actor hijacks your data or website and demands payment to release the information or site back to you. Cybercriminals may hijack your website in a number of ways, such as compromising your data and threatening to release it to the dark web or initiating a denial of service attack that prevents customers from accessing your website.
Ransomware attacks are increasing, and so are their costs. The average ransom payment in Q3 2019 was $41,198. That number more than doubled in Q4, rising to $84,116. The total cost of recovery can be even higher. Some victims pay more than $780,000 to regain access to their data and resources. In 2021, the average total cost of recovery rose to $1.85 million. While the ransom amount may depend on the size of your company, most businesses today are at risk and need to prepare themselves against ransomware attacks.
When cyber extortion occurs, a business might not be able to operate until it deals with the threat. That can mean paying criminals a lot of money to regain control.
Every business that maintains an internet presence is at risk of cyber extortion. Research from Red Canary shows that 70% of organizations face over 100 cybersecurity threats every day. Are you at risk? Conduct a cybersecurity risk assessment to see how protected your business is.
Cyber extortion and ransomware start when the hijacker gains access to your systems. They look for weak points in your security or hack passwords to gain entry. Phishing schemes are one of the most common ways that hackers gain access. Once in the system, they often insert a type of malware known as ransomware or create a distributed denial-of-service (DDoS) attack. Ultimately, the business owner, their staff and their customers are unable to access normal systems.
Once the hijacker has control of the systems, they make their demands, including the ransom amount required to restore the system and allow the business to regain function.
There are many ways that hijackers can infiltrate your business systems and demand payment from you, including the following.
Ransomware is a type of malware, a malicious code or software inserted into the system to compromise it. The compromised areas may include data confidentiality, system operations or operating system function. Often, malware isn’t detected right away and works for some time until someone notices the lack of function.
Ransomware also creates encryption keys that are necessary to regain access to the data or systems. The hijacker maintains the encryption keys until the ransom is paid.
A DDoS attack sends an abundance of traffic and requests to a website until the website is overwhelmed and becomes unavailable. The cybercriminals infect a network of computers to send requests to the target site. This type of attack is often executed in coordination with other cyber intrusions.
In a phishing attack, hackers pose as a trusted email sender to gain access information. If the recipient is fooled and follows links requesting passwords and other private data, the hackers are able to see that data. Phishing has become common among cybercriminals, and businesses should train employees how not to fall victim to phishing schemes.
CATO happens when a hijacker impersonates the business’s website or email and requests wire or ACH transactions. Funds are sent to what looks like a legitimate account that is, in fact, controlled by the hijacker. Companies with minimal control over online banking systems are particularly susceptible to this type of attack.
Distributed denial-of-service (DDoS) attacks, phishing and corporate account takeovers are common types of cyber extortion.
Any business with digital operations or storage is susceptible to cybercrimes, including cyber extortion. Because malware is easy to install, cybercriminals don’t have to work hard to target even small operations.
According to a Red Canary survey, 92% of security leaders said they were not completely confident that their organization could identify and stop the root cause of an attack. Nearly 50% of organizations said they don’t have the resources to stop an attack within an hour of the initial data compromise. This data suggests that companies are not just targets – they are grossly unable to handle these cyber breaches.
Here are some common targets:
Any business that relies on centralized digital operations, digital tools, or online customer relationship management systems is vulnerable to hijackers.
There are many public examples of cyber extortion from recent years.
Cyber extortion has a huge impact on businesses and, in some cases, on the general public. The Colonial Pipeline hack caused concern over possible gasoline shortages throughout the Southern and Eastern U.S. Gas prices rose as the industry sought to deal with demand. Colonial Pipeline paid the ransom in part because it could not estimate how long it would take to identify and remediate its systems.
For a small business, the impact of cyber extortion is significant. Estimates from Kaspersky show the average cost of a data breach could be upward of $100,000 for small businesses. If that data breach includes a ransom, you could pay another $1,500 to $50,000 in ransom fees. Plus, there is the cost of being down while your system is nonoperational, and the public perception that your business cannot be trusted. Customers may decide to take their business elsewhere.
All in all, business insurer Hiscox estimates that the total cost to small businesses due to a cyberattack is close to $200,000. That is money that most small business owners simply don’t have. If a small business can’t handle the cost of the cyberattack, it may close its doors permanently.
Because any small business is at risk, owners should do everything possible to prevent a data breach. A small business can take some simple steps to help prevent cyber extortion:
One way to protect your small business is to purchase cyber liability insurance – not to be confused with general liability insurance. This type of insurance will pay for the costs associated with restoring your system after a cyberattack. Coverage includes mitigation services to try to work with backups and restore operations as soon as possible. It will also negotiate with the cyberattackers and pay for ransoms up to the policy limits.
While you can’t prevent every hack, cyber liability insurance minimizes the impact of hacks on your bottom line.