Extortion by computer and internet

Cyber extortion detection and prevention


By Nancy A. Pasternack, CFE, CPA, CIA

Extortion isn't new. But cyber criminals are taking advantage of high-tech developments to squeeze money out of individuals and organizations. Learn how to prevent a variety of threats and the steps to take if your entity is hit.

It's just like any other Monday for Bob, the president of a credit card processing center for online businesses. He makes the half-hour commute into work, fills his favorite coffee mug to the brim, and sits down at his computer to catch up on e-mail. He sees one with an unfamiliar sender's name and a subject line that reads, "Your Customer's Information." Bob knows to be cautious of e-mails received from unknown sources but he can't help himself and opens the message. He's bewildered as he stares at a list of business names he recognizes as his customers. Also on the e-mail are unknown names, 16-digit numbers, and separate three-digit numbers. He doesn't realize it yet but what he's looking at is a list of people who had made purchases, their credit card numbers, and the corresponding business names that had submitted their transactions for processing over the weekend. He reads the instructions: "Send $50,000 in 6 equal wire transfers or this will be sent to all your customers." The empty mug dangles from Bob's fingers while the carpet bleeds brown.

Bob would learn that day that hackers had penetrated his company's network to copy the sensitive data. But because he couldn't possibly believe the threat had any teeth, he shrugged off the e-mail message as a hoax. The next day he realized the threat was a reality when irate customers had tied up all the phone lines trying to get through.

Based on other incidents they had seen, law enforcement officers could only speculate that the hackers were likely to be in Eastern Europe, but since Bob's company hadn't immediately collected the proper evidence it was difficult to build a case. Because customers were unforgiving, Bob quickly found his young business in peril. Six months later after his insurance company denied coverage, he closed his doors and updated his resume.1  

The cliché, "the more things change the more they stay the same" applies to the new era of extortion. The traditional crime of extortion is defined as an attempt to threaten a person or entity into giving up something in exchange for not being harmed in some way. Cyber extortion merely modernizes this crime by using the Internet and computers to carry out a wide variety of threats. For instance, after a cyber extortionist penetrates a network system, launches a virus, or obtains sensitive information from a database, he can hold the victim at bay. Cyber extortion is tied to many of the malicious acts perpetrated on the Internet. It's quickly becoming a favorite crime because it isn't violent, it promises lucrative payoffs, and it normally guarantees anonymity.


For full access to story, members may sign in here.

Not a member? Click here to Join Now. Or Click here to sign up for a FREE TRIAL.