We say cybercrime is really nothing new: it’s just crime with new tools. And one of the oldest forms of crime on the books is extortion. Extortion is really a simple algorithm:
Where X is something harmful or painful and Y is something even more harmful and painful to you. X also is ultimately beneficial to me.
Extortion as a class of cybercrime is nothing new. It’s been around since at least the early 2000s when attackers would extort money from websites with the threat of unleashing distributed denial of service (DDoS) attacks if they weren’t paid.
However, in The Fine Line 2016 Predictions, we are predicting that “2016 will be the year of online extortion.” What does that mean exactly since extortion isn’t new?
What it means is that after years of seeing the effectiveness of ransomware and seeing events like the Ashley Madison hack by the Impact Team we expect attackers to redouble their efforts around online extortion. In the case of ransomware, it’s proved profitable. In the case of Ashely Madison, not giving into the attacker’s demands has proven devastating. Criminals and potential victims have been paying attention and we believe the coming year will see significant expanded activity in the realm of online extortion.
This means we can expect to see continued use and evolution of ransomware like Cryptolocker. And we can expect to see extortion-focused attacks like we saw with Ashley Madison. We can also expect to see criminals come up with new ways to carry out the tried and true extortion formula.
As always, the best thing you can do is be aware but not be afraid. Keep your systems up-to-date, run security software on all your systems and devices, and exercise caution when you’re contacted by others. These three steps can help you keep ahead of the bulk of threats out there.
Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.