Cyber Blackmail: More Than Just Ransomware

We are happy to welcome guest writers from the Texas Department of Information Resources, Daniel Hankins, Shared Services Security Manager and Andy Bennett, Director Information Security Governance.

Ransomware, which is when a criminal encrypts an organization’s data and then demands payment before releasing the key required to reverse the encryption that is holding the victim’s data hostage, has made international headlines lately. The city of Atlanta’s operations were virtually dragged to a halt after an unmet demand for roughly $50,000 in ransom ended up essentially crippling the city’s government and has already cost at least $2.7 million dollars in recovery efforts to date.[1]  This type of attack is not new, but is making more headlines, with Connecticut[2], Colorado[3], hospitals, and even aid groups for children in Ontario[4] falling victim.  The plethora of attacks has sent security professionals and system administrators scrambling to ensure their systems and backups are safe, and executives taking a second look at their cyber security programs.

While these headlines are attention grabbing and the increases in the frequency of ransomware attacks is troubling, it is important that we do not lose sight of the other serious crimes occurring in the cyber blackmail family of digital crime that revolves around data.  While we have the current media favorite (ransomware), two other cyber blackmail data crimes are also running rampant: data theft (then used in exploitation), and sextortion.

RansomwareThe first category is a new twist on an old criminals’ favorite: blackmail-based extortion. Unsavory parties are stealing data, then turning around and attempting to blackmail companies and wealthy individuals into paying. Examples include Sony’s breach in 2014, which was financially (and potentially politically) motivated, with hackers threatening to release company secrets if Sony didn’t pay a ransom.[5]  In 2017 Disney and Netflix were both hit by attackers who threatened to release media to the public if the companies didn’t pay up (neither did).[6]  Careless use of social media has inadvertently led to blackmail attempts.  Opportunists attempted to blackmail a hockey player based on a picture posted by his partner.[7]  In other cases online criminals will use any means necessary to steal potentially compromising information or other intellectual property from individuals and attempt to use that information as leverage to extort money or behavior from their victims.  Perhaps the most pernicious form of cyber blackmail is Sextortion.

Sextortion is “a form of sexual exploitation that happens when a perpetrator uses coercion to obtain sexual images, videos, money, or even sex from a victim.”[8]  Sextortion usually involves private interactions between the abuser and the victims and is therefore harder to detect and defend against.  Sextortion victims are also not likely to speak up, with one study finding 1/3 of victims being too ashamed.[9]  The victims tend to be younger, with the average victim age estimated at only 15 years old.[10]

As more and more pieces of our business, government, and personal data from our everyday lives occurs online or has a digital component, it is important to remain aware that if there is a way for someone to benefit from it, someone else may try to exploit it.  We continue to invent new technologies at an exponential rate.  Ensuring the safety of both personal and business data is a shared responsibility for everyone, not just your organization’s security professionals.

For additional resources from the Texas Department of Information and Resources visit their Information Security page.


[1] Diamant, A. (2018, April 11). Ransomware attack cost city $2.7 million, records show. Retrieved from WSBTV: https://www.wsbtv.com/news/local/atlanta/ransomware-attack-cost-city-27-million-records-show/730813530

[2] NBC Connecticut. (2018, February 28). Cyber Attack Targets State Agencies. Retrieved from NBC Connecticut: https://www.nbcconnecticut.com/news/local/Connecticut-State-Agencies-Experience-Cyberattack-475102753.html

[3] Maass, B. (2018, February 21). Ransomware Hits CDOT Computers. Retrieved from CBS Denver: http://denver.cbslocal.com/2018/02/21/ransomware-hits-cdot-computers/

[4] Contenta, S. (2018, February 23). Ransomware attacks hit two Ontario children’s aid societies. Retrieved from Toronto Star: https://www.thestar.com/news/insight/2018/02/22/ransomware-attacks-hit-two-ontario-childrens-aid-societies.html

[5] Ring, T. (2014, November 25). Hackers blackmail Sony film company. Retrieved from SC Media: https://www.scmagazineuk.com/hackers-blackmail-sony-film-company/article/540892/

[6] Bukszpan, D. (2017, May 21). Disney hacking shows why companies shouldn’t succumb to digital blackmail, experts say. Retrieved from CNBC: https://www.cnbc.com/2017/05/21/disney-hacking-shows-why-companies-shouldnt-succumb-to-digital-blackmail-experts-say.html

[7] Larkin, M. (2015, September 21). Jaromir Jagr Blackmailed with Photo, Could Not Care Less About It. Retrieved from Roustan Media: http://www.thehockeynews.com/news/article/jaromir-jagr-blackmailed-with-photo-could-not-care-less-about-it

[8] Federal Bureau of Investigation. (2015, July 7). Sextortion Reports on the Rise. Retrieved from FBI.gov: https://www.fbi.gov/audio-repository/news-podcasts-thisweek-sextortion-reports-on-the-rise.mp3/view

[9] Wolak, J., & Finkelhor, D. (2016, June). Sextortion: Findings from a survey of 1,631 victims. Retrieved from Thorn: https://www.wearethorn.org/sextortion/

[10] National Center for Missing & Exploited Children. (2018). Sextortion. Retrieved from National Center for Missing & Exploited Children: http://www.missingkids.com/theissues/onlineexploitation/sextortion