U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Cyber Crime

The Extortion is a common practice in the cyber criminal ecosystem

According principal security firms, extortion, ransom and blackmail are pillars of illicit activities, cyber criminals are adapting them to the cyber context. Extrotion is becoming a worrying inclination in the cyber criminal ecosystem, the number of targeted attacks that request money in change of a suspension of the hostilities and to give back to the victims […]

The Extortion is a common practice in the cyber criminal ecosystem

According principal security firms, extortion, ransom and blackmail are pillars of illicit activities, cyber criminals are adapting them to the cyber context.

Extrotion is becoming a worrying inclination in the cyber criminal ecosystem, the number of targeted attacks that request money in change of a suspension of the hostilities and to give back to the victims the abused resources is increasing in significant way. Ransomware and DDoS attacks are the most common forms of attack, victims are informed of ongoing activities and stressed by an incessant mafia-style extortion tactic that keep victims in hostage paralyzing their services or making inaccessible the user’s data.

“It sounds exactly like something out of the 1920s and the extortion racket. Now it’s being played out in cyberspace,” this is a new form of racket like declared by Carl Herberger, vice president of security solutions at Radware.

The main problem is that in many cases the attacks could have a serious impact on the business, a DDoS attack knocks offline for hours or days a targeted website impacting on millions of users. Cyber extortion is not a new concept, it has been carried out at various levels and by different kind of actors, including small group of criminals and also international crime organization like the syndicate of crime like the Russian Business Network (RBN). The Russian Business Network has long been known for botnets such as Storm used extorting activities against hosting services. In DDoS attacks finalized to extortion the attackers flood victim’s websites or web services knocking out them, of course the criminals then offer to block the attack in exchange for a fee.

Recently, many companies were hit by criminals for extortion, social networking site Meetup.com was one of them, the criminals requested to the company CEO $300 to arrest the attack against its servers. Another case is related to company who manage online project management software Basecamp, also in this case the attackers have opted for a DDoS extortion that shut down access to official website.

The experts suggest to don’t pay any fee to avoid further requests from criminals, despite the alert of law enforcement many victims are paying to restore normality.

“What choice are companies left with that don’t have a lot of resources or time?” “The number is fairly non-objectionable to the victim so they just pay it. They are trying to get the victim to run a cost-benefit analysis in their head.” said Herberger. 

Insurance groups are starting to seriously approach also the cyber extortion, they basically manage the cases that could harm their customer’s business, causing loss of reputation and money.

The recent rise of ransomware has created serious problems to enterprises and government agencies, malware like CryptoLocker are specifically designed for cyber extortion purpose.  A survey conducted at the  revealed that 41% of UK respondents who were infected by Cryptolocker claimed to have agreed to pay the ransom, a figure much larger than official estimates provided by Symantec (3%) and by Dell SecureWorks (0.4%). The average amount per infection is $300.

Symantec cyber extortion

Ransomware attacks grew by 500 percent in 2013 and turned vicious” according 2014 Internet Security Threat Report (ISTR), which propose an analysis of the techniques adopted by cybercriminals to conduct sophisticated, as dangerous, cyberattacks.

Malware like CryptoDefense destroys the key if the ransom isn’t paid within one month, for this reason victims are scared by this malicious code.

It’s my opinion that attacks for extortion purpose will increase, I afraid that they could also impact high-sensitive environments, but what could be an element of innovation in the future strategies is the inclusion of the blackmail within the sources of income.

Pierluigi Paganini 

(Security Affairs –  Cyber Extortion, cybercrime)