Extortionware: The Evolution Of Ransomware

Malicious computer programming code in the shape of a skull representing extortionware.

Written by: Jay H.

Ransomware entails an attacker infesting their victim’s computer with malware that encrypts their data. Then, the hacker forces the victim to pay a ransom or risk losing the data forever. Once thought of as a rare event, ransomware is becoming increasingly common and costing organizations billions. Now, hackers are more commonly threatening to expose the company’s data if they do not pay the ransom in an act known as extortionware.

What Is Extortionware?

Extortionware follows a similar sequence of events as typical ransomware. First, hackers install malware on their victim’s computers and encrypt their data. Then, the perpetrator demands that the victim pays a ransom. However, with extortionware, if the victim refuses, attackers then up the stakes – threatening to publish the stolen data online. This means organizations can face several issues, ranging from loss of customers and partners, damaged reputation, lawsuits, and skyrocketed cyber insurance rates.

How Do I Protect My Organization?

This question is difficult to answer. Once data gets into the hands of the attackers, you face a difficult decision: pay the hackers or risk them broadcasting your sensitive data. The best thing you can do to defend against extortionware is to take precautions to protect yourself from getting infected with malware in the first place. We’ve explained the best practices to avoid these types of attacks in our previous ransomware post, including:

  • Patch and keep your operating system up-to-date to minimize vulnerabilities.
  • Don’t download files from unknown sources. Also, don’t give software administrative privileges unless you know exactly what it is and what it does.
  • Install antivirus software to detect malware. We recommend Malwarebytes.
  • Install whitelisting software to ensure applications cannot execute themselves.
  • Back up your files frequently and store them offline.
  • Work with a reputable managed IT services provider such as Design2Web to equip your organization with the best cyber defences.

Protected by Copyscape



Comments are closed.