Cyber Extortion: 4 ways to protect yourself from online threats and ransom demands

Cyber extortion has become a growing threat to individuals, businesses, and governments alike. This type of crime involves the use of computer systems and the internet to threaten, intimidate, or blackmail someone into giving money, information, or other resources. India, like many other countries, has experienced an increase in cyber extortion cases in recent years.

One notable example of cyber extortion in India was the WannaCry ransomware attack on the government-run National Informatics Centre (NIC) in May 2017. The attack targeted the computer systems of more than 18,000 Indian organisations, including banks, hospitals, and government agencies. The hackers demanded a ransom, to be paid in Bitcoin, in exchange for unlocking the compromised systems.

In another instance, the City of Mumbai was hit by a cyber extortion attack in August 2020, where hackers targeted the online systems of the civic body and demanded a ransom of $1 million in Bitcoins. The hackers threatened to release sensitive information about the organisation if the ransom was not paid, putting the personal data of citizens at risk.

Another case involved an Indian pharmaceutical company that fell victim to a cyber extortion scheme in 2021. Hackers threatened to release sensitive data of the company, including intellectual property and confidential information if they were not paid a ransom of $ 5.5 million. The company had no other option but to pay the ransom to the hackers, who were based in Russia.

Cyber extortion attacks can have several detrimental effects on individuals and companies. The extortionists may release sensitive data, causing reputational damage and financial losses. These attacks also lead to financial losses and disruption of critical systems, leading to the loss of valuable time and resources. It is crucial to remain vigilant and stay informed about the latest trends and tactics used by cybercriminals to protect yourself and your organisation.
 

Strategies for preventing cyber-attacks

IT assessment scorecard

A basic IT assessment scorecard is a first step towards the diagnosis of the IT system before you move to a more technical and comprehensive assessment called VAPT (Vulnerability Assessment and Penetration Testing). This scorecard gives a basic assessment of the IT network which is assessed through a web domain name.

VAPT

VAPT stands for Vulnerability Assessment and Penetration Testing. It's a process of identifying security vulnerabilities within an organisation's IT infrastructure and applications, using both automated tools and manual testing methods. 

In layman language, the way we undergo full body health check-ups, VAPT is a health check-up of the entire IT network and applications of an organisation.

Vulnerability Assessment involves conducting scanning activities to identify and categorise vulnerabilities that exist within the IT infrastructure, applications, and network devices, which could lead to unauthorised access or data breaches. A vulnerability assessment provides organisations with an overall view of the security risks they face.

Penetration Testing, on the other hand, involves simulating a real-world cyber-attack to discover weaknesses that an attacker could exploit. Penetration Testing involves a detailed examination of the Security controls, using exploit tools and techniques to determine if a vulnerability can be exploited to gain unauthorised access, sensitive data theft, or to disrupt the service. 

VAPT is essential for organisations because even with a well-designed and well-implemented security system, new vulnerabilities may arise over time. VAPT helps in locating these vulnerabilities, helps to eliminate them, and maintains a more secure IT infrastructure. Regular VAPT testing assists businesses in identifying vulnerabilities and providing timely responses to ensure the confidentiality, availability, and integrity of sensitive information.

IT security policies

Preventing cyber-attacks involves implementing various security measures and these should be part of the IT security policies of an organisation, such as:

• Keeping all software and operating systems up to date with the latest security patches and updates.
• Using strong and unique passwords for all online accounts and changing them regularly.
• Installing and regularly updating anti-malware and antivirus software on all devices.
• Limiting the amount of personal information shared online and securing sensitive data with encryption.
• Implementing two-factor authentication for important accounts.
• Being cautious of suspicious emails, links, and attachments, and avoiding phishing scams.
• Providing cybersecurity training to employees and to have written IT security policies.
• Considering a Virtual Private Network (VPN) to secure internet traffic.
• Regularly backing up important data and files to protect against data loss or ransomware attacks.

Loss minimization through Insurance

Cyber insurance is a form of insurance that provides coverage against losses resulting from cyber-attacks, data breaches, and other online threats including cyber extortion. It typically covers expenses associated with investigating and responding to a cyber incident, as well as liability and damages to third parties due to loss of company or customer data. Cyber insurance policies may vary in coverage depending on the insurer, but in general, they can cover a range of costs, including:

• Legal fees and regulatory fines associated with a data breach or cyber-attack.
• Loss of income and additional expenses incurred during recovery from the cyber incident.
• Costs associated with public relations and crisis management.
• Cyber extortion and ransomware demand and negotiator fees. It helps in managing cyber extortion cases in a more scientific manner.
• Damage to computer systems, networks, and data caused by a cyber-attack.
• Liability and damages owed due to the loss of confidential information or personally identifiable information (PII).
• Cyber insurance can help protect businesses from financial losses due to cyber incidents that could harm their reputation, customer trust, and bottom line.

Paving the way ahead

Cyber threats are one of the key reasons for financial losses which mainly happen through cyber extortion. As India is in its growing phase and the cyber world has become a critical component to running a business, organisations must be updated on cyber threats and how to mitigate them. Expenditure on IT infrastructure and creating a separate budget to update IT security every year is a must-do activity.

Even with the best of systems and IT security, there is no 100% security and, in such cases, chances of financial loss are always there. To mitigate such risks, cyber insurance is an option to opt for proper risk covers. While it is not a preventive measure and is considered a post-loss measure, it helps in minimising the financial loss that an organisation may face.

Prashant Mirchandani, President – Corporate Solutions, Raghnall Insurance Broking & Risk Management Pvt. Ltd