All companies course of, retailer and transmit buyer, companion and firm information. This information ranges from inside paperwork to cost lists to HR notes on worker habits. If launched to the general public, nevertheless, this info may trigger super embarrassment and potential authorized troubles for a corporation.
The confidentiality and significance of such information make it a ripe goal for menace actors seeking to extort cash from their victims.
Let us take a look at extortionware and ransomware and see how they match into the bigger cyberextortion image.
How does extortionware work?
Generally, extortionware makes use of conventional malware to infiltrate an organization’s digital sources. As soon as entry is gained, the sufferer’s information is stolen and analyzed to determine info that can be utilized towards them. Cybercriminals then contact the sufferer and threaten to launch delicate, embarrassing or in any other case useful info to the general public except the sufferer meets the criminals’ calls for. Sometimes, the calls for are financial in nature and contain the switch of cryptocurrency.
How does ransomware work?
Ransomware is malware that locks and encrypts a sufferer’s digital sources, starting from choose information to all the laptop system, making them inaccessible till a ransom fee is made to the attacker. Ransomware is often distributed by way of an contaminated attachment or malicious hyperlink.
As soon as ransomware has contaminated a consumer’s system, cybercriminals seek for information containing delicate information, comparable to personally identifiable info, monetary information and well being information. Customers are then contacted by the attacker and made to pay a ransom to obtain a decryption key to decrypt their information or to regain entry to their system.
Evaluating extortionware vs. ransomware vs. cyberextortion
Extortionware and ransomware each fall into the class of cyberextortion crimes. As an umbrella time period, cyberextortion covers a variety of malicious actions to blackmail a corporation or a selected individual. Cyberextortion can take quite a lot of types, together with DDoS assaults, doxing, extortionware and ransomware.
Extortionware would possibly sound a bit like ransomware, and it’s. Each ransomware and extortionware entry and exfiltrate firm information, often with the intent of earning money off the corporate from which it was stolen.
In contrast to ransomware, which forces the enterprise to both pay up or lose entry to the stolen information, extortionists threaten to publicly launch the collected info. This usually pressures the enterprise to conform, which will increase the probability that the sufferer will adhere to the extortion calls for.
Ransomware variants, nevertheless, embrace extortionware options. Double extortion ransomware, for instance, is when a malicious actor encrypts or locks entry to techniques and in addition threatens to launch information stolen in the course of the assault.
How dangerous is cyberextortion?
A enterprise that takes steps to guard its backups can mitigate the hazards of cyberextortion. With ransomware, for instance, clear backups make it attainable for a corporation to revive information that attackers have encrypted.
These offline backups show nugatory, nevertheless, when cybercriminals threaten to launch information slightly than delete it. As such, the one method to fight extortionware is to forestall it from taking place within the first place. This distinction makes extortionware a better menace than ransomware.
Regardless of the chance, ransomware stays way more frequent than extortionware.
The reason being easy: Extortionware takes extra effort. Hackers can automate ransomware and forged a large sufferer internet. In some circumstances, cybercriminals even outsource a part of the method. Extortionware, nevertheless, requires a extra focused method. Additional effort and extra time are wanted to assessment stolen content material to find out if any of the knowledge can be utilized for extortion functions. Thus, extortionists often do their homework earlier than attacking to make sure a goal is well worth the effort. All which means an extortionware try is way more difficult to perpetrate than a ransomware assault.
Find out how to stop cyberextortion
Ransomware prevention finest practices additionally apply to stopping extortionware. Cyberextortion prevention measures embrace the next:
- Putting in antimalware.
- Conducting consumer cybersecurity coaching and ransomware-specific coaching in order that staff know their tasks
- Following a defense-in-depth safety program.
- Maintaining techniques and software program present with patches.
Ransomware is the extra frequent type of cyberextortion, however extortionware may cause injury properly past the monetary loss from paying a ransom.
Editor’s notice: This text was up to date in July 2025 so as to add further info.
Andrew Froehlich is founding father of InfraMomentum, an enterprise IT analysis and analyst agency, and president of West Gate Networks, an IT consulting firm. He has been concerned in enterprise IT for greater than 20 years.
