Help for Cyber Extortion

August 2, 2017

Extortion is an attempt to threaten a company or person into giving up something in exchange for not being harmed. Cyber extortion could involve hacking into and controlling your database or threatening to launch a virus into your systems. Hackers promise to release control back to you or promise not to release the virus if you pay their ransom or meet their demands. It is a rapidly growing trend because it isn’t violent, promises a huge payout, and is difficult to trace.

What should you do if you are facing cyber extortion?

  1. Verify that there has actually been a breach.
  2. Immediately implement your data breach plan, which should include an identified response team, reporting procedures, response and investigation plans, public relations and law enforcement.
  3. Keep the affected servers and network equipment running so your outside or in-house IT specialists can identify the cause of the hacking.
  4. Disconnect the affected equipment from your production environment.
  5. Switch to your backup site.
  6. Implement your crisis communications plan that should include contacting all your stakeholders about the problem along with your plans to resolve it.
  7. Contact law enforcement.

How can you protect your business against cyber extortion?

  • Conduct a data inventory. Protecting your data begins with knowing what data sources are available, in what format the data exists, and who has access to the data.
  • Create secure data backups. What would you do if your entire database and computer network was extorted and you could not operate any of your daily systems? Your data backups need to be able to handle everyday operations if your network is ever compromised.
  • Educate your employees. Anyone can accidentally visit a harmful website or download a malicious attachment. Your employees need to know how to identify dangerous situations.
  • Protect your network. Be sure you’ve installed and are regularly updating necessary antivirus, anti-malware, and firewall programs. Also, be sure you’ve installed and are using updated intrusion detection software (IDS) and data breach prevention software.
  • Hold regular mock attacks. Hire an outside company, like InfoSec Advisors, to test your system’s vulnerabilities.
  • Design a data security contingency plan. Even the best defenses can be breached, so you need to have a plan in place before your business ever faces a cyber extortion situation.

Author: Jeff Brewer

Contact us today for more information on how we can help defend your company against cyber extortion.

Back to all Posts