While some hackers they became wealthy by the theft of millions of credit cards from Target, there are others who try more discreet methods to earn easy money.
Internet blackmail a fashion that spreads
In recent weeks, the two companies have publicly described their experiences them with what is becoming the new popular tactic of hackers: Online blackmail. Cybercriminals threaten to reveal sensitive data or destroy websites and services if they are not paid.
Just like the kidnappers, cyber criminals demand a ransom and we have heard a number of cases in the past. But everything shows that cases of digital blackmail have increased much more in recent months and with high-profile victims, according to Matthew Prince, chief executive of CloudFlare.
"The audacity of the attacks has increased and they are directed everywhere without discrimination," Matthew Prince said in an interview.
Τον περασμένο μήνα, ένας άγνωστος hacker απείλησε να καταστρέψει την ιστοσελίδα του Meetup, ένα site κοινωνικής δικτύωσης με 16 εκατομμύρια μέλη, εκτός αν η εταιρεία πλήρωνε 300 δολάρια σαν λύτρα.
On Monday, Basecamp, a software development company, received an email from a hacker who threatened to destroy the site and asked for it to be paid to Bitcoin.
Both companies refused to pay. In response, the hackers "threw" the Basecamp website for two hours and the Meetup website for 24 hours.
These were just two isolated incidents of digital blackmail that happen on the internet. There are no statistics indicating the incidence of incidents, because several companies will never admit it publicly.
Scott Heifernan, co-founder of Meetup, said his company "made the decision not to negotiate with criminals," in part because even paying asignalto the amount of $300 could make the company a target for further extortion demands.
"We think this small amount was a ploy to see if we would pay," Heifernan said in a recent blog post. "If we paid the criminals they would just demand a lot more."
Η Meetup μπορεί να μην υπέκυψε στους εκβιασμούς, αλλά υπάρχουν πολλές εταιρείες που πληρώνουν και το κρατούν μυστικό. Οι hackers αποσπούν πάνω από 5 εκατομμύρια δολάρια άθε χρόνο από τα θύματα τους, σύμφωνα με την εταιρεία security Symantec.
Matthew Prince said his company has requests "every other day" from victims who need internet protection because someone threatens to drop their websites if they do not pay. The CloudFlare service acts as a shield, which diverts malicious traffic from bots, while allowing legitimate visitors to access the site.
In most cyber-extortion cases, victims' websites are down for about 15 minutes. Then, their site comes back, along with an email from the hacker asking for some amount to stop the attack.
"Often, there are hackers who introduce themselves as"White Hat"Security investigators have discovered a bug on the victims' website," said James Aquilina, a former federal cybercrime prosecutor.
"They will ask for $ 50.000 to help fix the security gap," Aquilina said.
Some cybercriminals use special tools designed to blackmail. Last year, a Symantec report demonstrated the growing use of ransomware that can disable individual or corporate systems until someone pays the hacker. Only about 3% of victims pay ransom, but fraud is quite lucrative because hackers have infected thousands of computers with ransomware, according to Symantec.
"They're essentially holding your data hostage," Prince said.
Η Symantec of course knows firsthand what it means to face cyber-extortion. 2012, the company said a group of hackers from Anonymous began to source the source code for one of its products. Then, hackers said they would stop if the company gave them 50.000 dollars.
Some criminals are quite greedy and ask for much more money. In 2012, a Hungarian hacker was sentenced to 30 months in prison for stealing data from Marriott's computers. After the hack, he threatened to reveal the data he took from the company if the hotel chain didn't give him a $150.000-a-year job, free plane tickets, andeyea of the hotel of his choice.
