×

Register to Continue Reading

First Name
Last Name
Job Title
Company
Country
State
Thank you!
Error - something went wrong!
   

A Tale of Epic Extortions - How Cybercriminals Monetize Our Online Exposure

February 20, 2019

Not long ago, online extortion typically involved blackmailers sending threatening emails to their victims, promising to leak compromising information. Other extortionists tried warning victims of an impending cyber attack, such as a denial of service (DoS) attempt if ransom demands were not met. In the early 2010s, ransomware emerged as a viable method of coercion, culminating in the 2017 “WannaCry” attack that crippled business operations in over 100 countries.

Although these techniques are still popular, Digital Shadows’ Photon Research Team has found that cybercriminals have diversified their extortion methods, and the threat landscape is as wide and varied as it’s ever been. Specifically, cybercriminals recognize they can monetize elements of our online exposure for extortion-based activity, including exploiting compromised credentials, sensitive documents and intellectual property, and technical vulnerabilities. 

In this new research piece, the team explores:

  • How attackers such as sextortionists, thedarkoverlord and the SamSam group use our online exposure to perform extortion campaigns
  • How a growing market for network accesses, stolen documents, and extortion guides on gated, dark web sites has emboldened novice extortionists
  • What practical mitigation advice business leaders and network defenders can implement to manage their digital footprints and reduce extortion risks
Previous Post
Cyber Risks and High-frequency Trading: Conversation with an Insider
Cyber Risks and High-frequency Trading: Conversation with an Insider

Research from the Carnegie Endowment for International Peace published this week focused the attention on h...

Next Post
Bomb Threat Emails: Extortion Gets Physical
Bomb Threat Emails: Extortion Gets Physical

Digital Shadows has been able to analyse a series of these bomb threat emails. In this blog, we provide six...