Fighting the Growing Threat of Cyber Extortion

By Shawn Dougherty February 24, 2014

Shawn DoughertyCyber criminals today aren’t just hacking into vulnerable computer systems. They’re hijacking them for hefty ransoms.

The crime of cyber extortion has become easier and grown exponentially in Europe in the past two years, according to European law enforcement. The process often involves ransomware, a type of malicious code that disables a computer in a denial-of-service (DoS) attack, and displays a frightening message demanding money to unlock the computer.

In Europe, cyber criminals often pose as police in the messages and accuse victims of carrying out online activities such as illegal file-sharing or visiting terrorist websites. The cyber criminals then coerce the users into paying “fines.” Earlier this month, the European Cybercrime Centre at Europol issued a report about police ransomware, which it said has become a multimillion-euro business for criminals. The report noted cyber extortion has been facilitated by underground online forums providing ransomware source code, infrastructure for distribution of malware, and money laundering services for “cashing out” illicit proceeds gained through online prepaid solutions and virtual currencies.

But ransomware is not just affecting Europe. Since September, cyber criminals have used CryptoLocker — a new type of ransomware that locks up important computer files — to obtain more than $30 million in ransom money from businesses in Charlotte, North Carolina. The criminals demanded $300 to $500 to release the files in each attack. And while police didn’t recommend paying the ransom, they were aware of at least 30 cases where paying the money had led to the release of files.

So how can a company stay safe from cyber extortion? The answer goes back to the three I’s of computer virus protection. The first two I’s are always critical: Installing antivirus software and informing staff about suspicious e-mails and attachments are basic steps to keeping a company cyber safe. But the last I — insuring against future loss — is also important. Some insurers offer cyber-insurance policies that cover ransom payments and other expenses resulting directly from extortion threats. They also offer plans for lost business income or expenses if a credible extortion threat or a security firm’s recommendation causes a company to shut down its website and e-mail system.

If you’re worried about cyber extortion or would like to learn about other aspects of cyber-liability insurance, feel free to e-mail me at sdougherty@iso.com. Also, make sure to follow me on Twitter @doughertyshawn.

Stay tuned for the next blog post in our Cyber Monday Series.


Shawn Dougherty

Shawn Dougherty is the assistant vice president of ISO's Specialty Commercial Lines Division. He is responsible for providing the overall direction, leadership, and client service for ISO's cyber liability (e-commerce), D&O (management protection), businessowners, crime and fidelity, financial institutions, employment-related practices liability, and professional liability (other than medical) insurance programs. He is also the ISO product manager for the Lloyd's Wordings Repository, an electronic database of policy wordings and clauses regularly used within the London market. Mr. Dougherty has worked at ISO since 1988.