We Are In The Wrong Business. Cyber Extortionists Make $360K A Year.

Stu Sjouwerman | Feb 21, 2019

Extortion scams capitalize on compromised credentials, sensitive data, and technical vulnerabilities on Internet-facing applications to pressure victims to pay up.

Cybercriminals seeking sensitive data on high net-worth individuals will pay aspiring extortionists an average of $360,000 per year to target executives, lawyers, doctors, and other prominent figures, researchers discovered.

The Digital Shadows Photon Research Team today published "A Tale of Epic Extortions," a deep dive into the ways cybercriminals prey on individuals' online exposure. Extortionists take advantage of compromised credentials, sensitive data (documents, intellectual property), and technical vulnerabilities on Internet-facing applications to convince their victims to pay up.

"The extortion landscape is broader and more diverse than any of us thought before we started," says Rafael Amado, senior strategy and research analyst with Digital Shadows.

Oftentimes, he continues, the technical news that resonates with the infosec community is considered esoteric to everyone else. "Extortion has the human element," says Amado. "Attacks on organizations have real-world impact for everyday humans on the street."

It wasn't long ago that online extortion meant blackmailers composing emails that threatened victims with exposure of their personal data. Some warned their targets of a potential cyberattack – for example, a denial-of-service attempt – if demands were ignored. Ransomware emerged in the 2010s, bringing a viable means of coercion and culminating in WannaCry (2017).

Sextortion, SamSam, and Scaled Funding

Today's extortionists are getting creative and finding new ways to earn cash. They're after details of victims' personal lives and/or sensitive corporate data. Sextortion scams, in which criminals claim to have evidence of targets watching sexually explicit content, have skyrocketed.

Between July 2018 and Feb. 2019, Digital Shadows collected and analyzed 792,000 sextortion attempts targeting 89,000 recipients. Criminals amassed $332,000 USD in payments; analysis of Bitcoin wallets linked to attacks shows they could earn $540 per victim, on average. Full story at DarkReading

 
