Skip to Main Content Back to Top Let's Talk
Home Blog What is cyber extortion? How to protect your business

What is cyber extortion? How to protect your business

Higginbotham H logo

Criminals could target your company, and they don’t even have to be in the same country as you. As more and more business practices go online, cyber extortion has become a serious threat. However, many people are still fuzzy on what cyber extortion is, how cyber extortion insurance works and the best way to keep their company safe.

Cyber Extortion Definition

Extortion refers to the illegal use of force or threat to gain something. If someone threatens to burn down your business or hurt your family unless you pay them, that person is committing extortion.

The term “cyber extortion” can be used to refer to several cybercrimes that involve extortion. Some of these crimes are leveraged against individuals, while others target businesses. Companies of all sizes and in all industries can be cyber extortion targets.


These days, when people talk about cyber extortion, they are often talking about a ransomware attack. In this type of digital attack, cybercriminals infect a computer or network with a virus that encrypts the system’s data. Traditionally, cybercriminals have demanded a ransom to release the encryption key so the victim can recover the infected computer files. However, many cyber extortionists have started making additional threats, such as threatening to publish or sell the sensitive information.

The Internet Crime Complaint Center (IC3) says that it received 3,729 complaints of ransomware in 2021. This is likely only a fraction of the total number of actual attacks in the U.S. since many victims do not report ransomware.

Ransomware attacks can be devastating. If businesses cannot access their files or computer systems, they may not be able to operate effectively, and that can result in loss of income. In some cases, ransomware attacks can shut down essential systems such as cash registers. According to Reuters, a grocery store chain had to shut down 800 stores when this happened.

DoS Attacks

In a denial-of-service (DoS) attack, the hackers make a targeted website, online account, email or other system inaccessible to the legitimate users by flooding the system with traffic and causing the system to crash. According to CISA, there are different types of DoS attacks. In a distributed denial-of-service (DDoS) attack, hackers hijack devices that are connected to the internet in order to launch an attack.

Hackers have different reasons for carrying out DoS attacks. In some cases, they may have a personal grudge against the target, and this may be politically or socially motivated. In other cases, the hackers are financially motivated, and they will demand a ransom in order to stop the attack. According to ZDNet, these extortion DoS attacks have become more common. A survey from Cloudflare found that DDoS attacks with ransom demands increased by 175 percent in the last quarter of 2021 compared to the previous quarter.

Regardless of how it’s carried out or what the motive is, a DoS attack can cause significant business interruption. The business may not be able to operate, or their customers may not be able to reach the company, access their online accounts or make purchases.

Threatening to Release a Virus

Whereas ransomware and DoS attacks start with a cyberattack and are then followed by a ransom demand, some cyber extortion schemes work the other way. The criminal contacts a business and threatens to release a virus or launch another type of cyberattack unless the business pays a ransom or meets other demands.

This type of cyber extortion is more like conventional kinds of business extortion, for example, when a criminal threatens to burn down a business if the owner doesn’t pay a “protection” fee.

Data Breach and Threats to Release Sensitive Data

A cyber extortion attack can result in financial losses and business interruption, but it can also give rise to a data breach.

One of the most common ways that this could happen is if a ransomware attacker steals data in addition to encrypting it. With cyber extortions that involve threatening a business with a cyberattack, the cyberattack in question might cause a data breach.

Sometimes, the threat of a data breach might be at the heart of the extortion scheme. According to a cybersecurity advisory from the IC3, the Karakurt data extortion group has been contacting victims and claiming that they have already accessed sensitive data. They then threaten to sell or release the data unless the victim pays a ransom, which can range from $25,000 to $13 million. Screenshots or copies of stolen file directories may be provided to prove that the threat is real, and the criminals may also contact and harass the victim’s clients and business partners.

These attacks can be especially effective because data breaches are taken very seriously. The National Conference of State Legislators says that every state has data breach notification laws requiring private businesses to notify individuals who have been impacted by security breaches. In some cases, these breaches may result in hefty fines and lawsuits. For example, according to the FTC, Equifax paid out $575 million as part of a settlement over a 2017 data breach that affected 147 million people. Consumers may also lose trust in companies that experience data breaches.

Protecting Your Business from Cyber Criminals

Cyber extortion is a serious threat. Whether you’re running a small business or a large corporation, you need to be proactive about managing this risk.

Take steps to protect your business from cyber threats:

  • Cybersecurity is everyone’s responsibility. Having secure systems is essential, but it’s also important to make sure that all workers are doing their part to prevent cyberattacks. For example, workers should know how to spot and avoid phishing attempts, and they should use strong passwords and multifactor authentication.
  • IC3 says that ransomware attacks are often leveraged using phishing emails, Remote Desktop Protocol (RDP) exploitation or exploitation of software vulnerabilities. To prevent attacks, guard against these vulnerabilities. Train workers on avoiding phishing scams, update your operating system and software and secure and monitor your RDP. Keep secure backups of your data, but also keep in mind that this will not protect you from the threat of a data breach.
  • Purchase cyber extortion insurance. There are many different types of cyberattacks, and a cyber insurance policy may cover some risks but not others. It’s important to read the policy and definitions carefully to make sure you know which events are covered and which are excluded. For example, a policy might cover cyber extortion in which the criminal threatens to release a virus but not ransomware, or vice versa.
  • To protect your company from DoS attacks, CISA recommends enrolling in a DoS protection service. Other preventative measures include maintaining antivirus software, using a firewall and using security settings that minimize the access outsiders have to your information and manage unwanted traffic.

The increase in cyberattacks and its related losses has caused cyber insurance premiums to increase. Cyber insurers are also creating new underwriting requirements and may need to confirm that strong cybersecurity practices are in place before they’re willing to offer coverage. Higginbotham can help your business secure the protection you need against cyber extortion, DDoS attacks, loss of private data and other cyberattacks, as well as related regulatory fines, penalties, income losses and notification costs. Learn more.

Not sure where to start? Talk to someone who wants to listen.

A great plan starts with a conversation. Let’s talk about what you need.

Let’s Talk

Request a Quote

Woman looking sideways to window in design office
Higginbotham H logo