All companies course of, retailer and transmit buyer, accomplice and firm information. This information ranges from inner paperwork to cost lists to HR notes on worker habits. If launched to the general public, nevertheless, this data may trigger great embarrassment and potential authorized troubles for a corporation.
The confidentiality and significance of such information make it a ripe goal for risk actors seeking to extort cash from their victims.
Let us take a look at extortionware and ransomware and see how they match into the bigger cyberextortion image.
How does extortionware work?
Most often, extortionware makes use of conventional malware to infiltrate an organization’s digital assets. As soon as entry is gained, the sufferer’s information is stolen and analyzed to establish data that can be utilized towards them. Cybercriminals then contact the sufferer and threaten to launch delicate, embarrassing or in any other case invaluable data to the general public until the sufferer meets the criminals’ calls for. Sometimes, the calls for are financial in nature and contain the switch of cryptocurrency.
How does ransomware work?
Ransomware is malware that locks and encrypts a sufferer’s digital assets, starting from choose information to your complete pc system, making them inaccessible till a ransom cost is made to the attacker. Ransomware is normally distributed by an contaminated attachment or malicious hyperlink.
As soon as ransomware has contaminated a person’s system, cybercriminals seek for information containing delicate information, equivalent to personally identifiable data, monetary information and well being information. Customers are then contacted by the attacker and made to pay a ransom to obtain a decryption key to decrypt their information or to regain entry to their system.
Evaluating extortionware vs. ransomware vs. cyberextortion
Extortionware and ransomware each fall into the class of cyberextortion crimes. As an umbrella time period, cyberextortion covers a variety of malicious actions to blackmail a corporation or a particular particular person. Cyberextortion can take quite a lot of kinds, together with DDoS assaults, doxing, extortionware and ransomware.
Extortionware would possibly sound a bit like ransomware, and it’s. Each ransomware and extortionware entry and exfiltrate firm information, normally with the intent of creating wealth off the corporate from which it was stolen.
Not like ransomware, which forces the enterprise to both pay up or lose entry to the stolen information, extortionists threaten to publicly launch the collected data. This typically pressures the enterprise to conform, which will increase the chance that the sufferer will adhere to the extortion calls for.
Ransomware variants, nevertheless, embody extortionware options. Double extortion ransomware, for instance, is when a malicious actor encrypts or locks entry to techniques and in addition threatens to launch information stolen in the course of the assault.
How dangerous is cyberextortion?
A enterprise that takes steps to guard its backups can mitigate the risks of cyberextortion. With ransomware, for instance, clear backups make it doable for a corporation to revive information that attackers have encrypted.
These offline backups show nugatory, nevertheless, when cybercriminals threaten to launch information slightly than delete it. As such, the one method to fight extortionware is to forestall it from occurring within the first place. This distinction makes extortionware a better risk than ransomware.
Regardless of the chance, ransomware stays way more widespread than extortionware.
The reason being easy: Extortionware takes extra effort. Hackers can automate ransomware and solid a large sufferer internet. In some circumstances, cybercriminals even outsource a part of the method. Extortionware, nevertheless, requires a extra focused strategy. Further effort and extra time are wanted to evaluate stolen content material to find out if any of the data can be utilized for extortion functions. Thus, extortionists normally do their homework earlier than attacking to make sure a goal is well worth the effort. All because of this an extortionware try is way more sophisticated to perpetrate than a ransomware assault.
How you can forestall cyberextortion
Ransomware prevention finest practices additionally apply to stopping extortionware. Cyberextortion prevention measures embody the next:
- Putting in antimalware.
- Conducting person cybersecurity coaching and ransomware-specific coaching in order that staff know their tasks
- Following a defense-in-depth safety program.
- Preserving techniques and software program present with patches.
Ransomware is the extra widespread type of cyberextortion, however extortionware may cause harm properly past the monetary loss from paying a ransom.
Editor’s notice: This text was up to date in July 2025 so as to add extra data.
Andrew Froehlich is founding father of InfraMomentum, an enterprise IT analysis and analyst agency, and president of West Gate Networks, an IT consulting firm. He has been concerned in enterprise IT for greater than 20 years.
