Cyber Extortion – have you heard of it?
It has been making headlines recently. Cyber extortion is a type of cyber crime where criminals threaten to harm your business by compromising its data and digital assets unless a ransom is paid. These threats often involve ransomware, a malicious software that encrypts your data, making it inaccessible until you pay the ransom.
Sometimes, cyber criminals go a step further by stealing data and threatening to release it publicly on dark web leak sites if the demands are not met. This is known as a double extortion.
According to a 2024 report, the number of victims of these types of scams has skyrocketed by 77% over the past year. What’s more, small businesses are four times more likely to be targeted compared to their larger counterparts. This is a worrying trend, especially considering that smaller businesses often have fewer resources to defend against these attacks.
In the first quarter of this year alone, 1,046 businesses fell victim to double extortion. This may not seem huge, but remember that the actual number is likely much higher since many cases go unreported, hiding in the shadows of what experts call the ‘dark number’.
The truth is that all businesses, regardless of size or industry, are potential targets. However, certain sectors are more frequently attacked. Manufacturing, professional, scientific and technical services, as well as wholesale trade, top the list. Alarmingly, the healthcare and social assistance sectors are also seeing a significant rise in attacks, despite the potential societal and political repercussions.
Cyber criminals are opportunistic and strategic. They target regions with strong economic growth and shared languages. In the UK cyber extortion attacks have increased by 96%. The rise in cyber extortion is a big worry, but there are steps that you can take to protect your business.
- Back up your data: Make sure you have a robust back up plan. Keep your critical data in an offline or offsite location and regularly test this process to ensure it is all working properly.
- Keep software updated: Make sure all your devices use the latest software, especially those connected to the internet.
- Implement Multi-Factor Authentication: Strengthen your access controls with MFA. This adds an extra layer of security by requiring multiple forms of verification before access is granted (such as a code on a separate device).
- Patch and Vulnerability Management: Regularly update your systems to fix any security vulnerabilities. Cyber criminals often exploit known weaknesses, so staying on top of patches can prevent many attacks.
By understanding what cyber extortion is and how it works, you can better prepare your business to defend against it. The key is to be proactive, and not wait until it is too late!
Here is another article if you enjoyed this one!