Log in to see any non-public content on this page
Athabasca University | AU Student/Staff Login | Invited Guest Login
Athabasca University | AU Student/Staff Login | Invited Guest Login
BT Week 7 - Cyber extortion
By Bozena Tkaczyk in the group COMP 607: Fall 2015 cohort November 24, 2015 - 11:03am
“A cyberextortionist is an individual or group who uses email as an offensive force. ….. The message sent through the email usually demands money in exchange for the prevention of the attack”
Cyber extortion can be conducted in many ways. Originally, the most common method of cyber extortion was denial of service (DoS) attacks against corporations - the attacker could originate a ping storm and call the head of the company, demanding ransom in exchange for preventing the attack.
In recent years, cyber criminals became more ‘sophisticated’ and have developed ransomware which encrypts the victim's data. The victim usually receives an email that offers the decryption key in exchange for a payment in a digital currency knowns as Bitcoins.
Cyber-ransom is a relatively new crime in America's digital world and it is spreading fast.
Ransomware is a kind of malware that constrains access to a computer system that it infects in some way, demanding that the user pay money in order to remove the restriction.
Some forms of ransomware systematically encrypt files on the system's hard drive using a large key that may be technologically impossible to breach without paying the ransom. Ransomware usually spreads as a trojan.
The use of ransomware scams has grown internationally. Extensive attacks containing encryption-based ransomware began to increase through trojan such as CryptoLocker, which had obtained an estimated US$3 million before it was taken down and CryptoWall, which has gained an estimated $15 million as of June 2015.
The number of enterprises that rely on the Internet for their business is increasing every year. It creates an enormous opportunities for cyber extortionists. According to many reports, most cyber extortion episodes are not investigated because victims don't want the publicity. Companies have paid millions, covered up and suffered interruption due to blackmail efforts.
Ransomware is dangerous because it infects your computer and then encrypts all of your locally stored personal files (photos, documents, movies, music, etc.) behind a virtually resistant wall of encryption. The victim must pay a substantial amount of money to the hackers to get the files back.
The FBI recently conducted a major global crackdown on the servers that were being used to host and spread CryptoLocker; however, the malware is still available for sale in the digital black market.
Don't make the mistake of thinking that a cyber-ransom scam won't happen to you. Criminals around the world are now focusing more on online consumers; many of these attacks can be difficult for the average person to spot ahead of time. How can you protect yourself?
The most popular way of getting infected is via phishing emails or by drive-by download attacks. The best advice is to:
-
backup your important files, personal data to avoid losing them in an attack
-
keep your antivirus updated
-
don't open suspicious emails/attachments
-
use a script-blocking plug-in to prevent drive-by downloads online
-
use a separate laptop for online activities (if you can afford it :))
References:
Show original message
COMP 607: Fall 2015 cohort
COMP 607: F15
