Cyberextortion

Digital Threats for Financial Gain

Cyberextortion involves threatening to damage, destroy, or release sensitive information unless payment is made. This includes ransomware attacks, data theft threats, and DDoS extortion schemes.

Risk: high
Common

Cyberextortion involves threatening to damage, destroy, or release sensitive information unless payment is made. This includes ransomware attacks, data theft threats, and DDoS extortion schemes.

How It Works

1

Attackers gain access to victim's systems or data through various methods.

2

They threaten to cause harm, such as data destruction, public release of sensitive information, or service disruption.

3

A ransom demand is made, typically requesting cryptocurrency payment.

4

Victims are given a deadline to pay, often with escalating threats.

5

Payment may or may not result in the promised restoration of services or data.

Impact & Risks

Financial losses from ransom payments and recovery costs
Business disruption and operational downtime
Loss of sensitive data and privacy breaches
Damage to reputation and customer trust
Legal and regulatory consequences
Potential for repeat attacks if payment is made

Types of Cyberextortion

Ransomware Extortion

Encrypting files and demanding payment for decryption keys.

Data Theft Extortion

Stealing sensitive data and threatening public release unless paid.

DDoS Extortion

Threatening to overwhelm systems with traffic unless ransom is paid.

Sextortion

Using compromising images or videos to extort victims for money or favors.

Real-World Examples

WannaCry Ransomware (2017)

Global ransomware attack that affected hundreds of thousands of computers, demanding Bitcoin payments.

Colonial Pipeline Attack (2021)

DarkSide ransomware shut down major US fuel pipeline, leading to widespread fuel shortages.

Kaseya Supply Chain Attack (2021)

REvil ransomware group targeted managed service providers to encrypt thousands of downstream customers.