Online miscreants have many ways to reach their goals, but one that’s been a tried-and-true method is extortion. This has become so popular among cybercriminals that a nefarious underground market has risen that provides novice extortionists with guides and resources that allow them to perform their dirty work.
In its recently released research study, “A Tale of Epic Extortions: How Cybercriminals Monetize Our Online Exposure,” cybersecurity firm Digital Shadows explores this market in addition to highlighting how attackers leverage online exposure to perform extortion campaigns.
“In the three years that I’ve been at Digital Shadows we’ve always seen these parallels [between the cybercriminal underground] and legitimate businesses,” said Rick Holland, CISO at Digital Shadows. He discussed how many cybercriminals recruit others to join their campaign, much in the same way as legitimate businesses acquire new workers. “It just keeps getting easier and easier for criminals.”
These cyber swindlers are continually looking to reinvent themselves, and their methods are becoming savvier. InfoSec Insider caught up with Digital Shadows CISO Rick Holland on the recent research that his team has conducted on cybercrime extortion, and how security practitioners can secure their organizations don't fall prey to these attacks.