Editor's Note: When Extortion Threats Go Cyber - InformationWeek
Business & Finance
07:00 PM
Stephanie Stahl
Stephanie Stahl
How Upwork Cut Zero-Day File Attacks by 70%
Oct 05, 2017
Upwork has millions of clients and freelancers that have to upload and download many files to and ...Read More>>

Editor's Note: When Extortion Threats Go Cyber

Each year, InformationWeek gives a fellowship award to a student at Carnegie Mellon University who we think has an innovative idea, a compelling research project, or a groundbreaking product that's designed to advance business technology. Our recipient this year is Gregory Bednarski, a graduate student at the H. John Heinz III School of Policy at CMU. Greg has spent many months studying the impact of cyberextortion on U.S. business.

We're all aware of the damage that viruses, phishing, and other security breaches have on businesses. But cyberextortion is one of the most complex and potentially damaging exposures for businesses, and many don't prepare for it. According to Greg's research, 17% of the 100 small businesses he surveyed have experienced some form of cyberextortion. And that's a conservative number, according to some security experts.

Here's an all-too-real scenario that Greg describes: "A typical Monday. ... After answering or filing your important messages, you come across a note titled 'Customer Information,' but from an unfamiliar sender. You open the message only to find a listing of your largest customers' accounts, credit, order histories, and forecasts. ... Attached to the information is a simple threat: give us cash, or this information goes public. $27,000 divided equally and deposited into three separate foreign accounts, all in a country with tenuous relations with your government, before the week's end. What do you do?"

So, what do you do? This week, our security expert, George V. Hulme, digs deeper into the data, talks to victims of cyberextortion, and provides some tips on how to thwart it and what to do if it happens to you (see "Extortion Online"). Greg's full report is available at http://www.informationweek.com/1005/report.htm.

Stephanie Stahl,

To discuss this column with other readers, please visit Stephanie Stahl's forum on the Listening Post.

To find out more about Stephanie Stahl, please visit her page on the Listening Post.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll