Companies are increasingly being targeted by scammers. Blackmail attempts are also increasing in small and medium-sized businesses. Those affected and the police are often powerless.
Cyber criminals have established a thriving online extortion business. The police are often powerless and can rarely catch the perpetrators. They evade criminal prosecution by sitting abroad or successfully concealing their identity. Conflicts escalate when key businesses and critical infrastructure are affected. But even smaller companies are increasingly affected by cyber attacks.
According to the insurance company Allianz, the risk of online blackmail will increase in the coming years. Companies, authorities and critical infrastructure are affected. In the course of the Ukraine war, the risk of cyber attacks “by nation states” is also increasing for companies, explains Allianz industrial insurer AGCS. According to the insurer’s report, online extortion cases are not only increasing in number. The damage to the attacked institutions is also increasing, and not just financially. “Double and triple racketeering attacks are now the norm,” said Scott Sayce, head of cyber insurance at AGCS.
Cyber attacks on companies – this is how the perpetrators proceed
Traditionally, cyber attacks on companies are carried out using encryption software or ransomware. The hacker then gains access to a network and encrypts it, before demanding a large sum of money. A password will only be issued after payment, with which it is possible to decrypt the valuable data again. In the case of “double blackmail”, the cyber criminals also steal sensitive data. The data obtained is then also used for an attempt at blackmail. In the threefold form, customers, suppliers, business partners and other contacts of the originally attacked organization are then blackmailed. Sayce and his colleagues warn that increasingly small and medium-sized businesses are affected by cyber attacks and extortion.
The AGCS refers to estimates by the American cyber security company Sonic Wall. According to them, there were 623 million online extortion attempts worldwide in 2021. That’s twice as many as in 2020. This year, the number of cases has fallen slightly worldwide – except in Europe. E-mails with attached files in which the ransomware is hidden are still often the gateway for the hackers.
Manipulation and deception via deepfakes
In another variant of cyber attacks, criminal hackers pretend to be the company’s superiors. This scam uses fraudulent payment instructions to trick subordinates into transferring the money themselves. This type of intelligent deception is also becoming more prevalent, according to AGCS. According to the AGCS report, hackers are increasingly using artificial intelligence to slip into managerial roles with manipulated “deepfake” audio files or videos. According to this, there was a case in 2021 in the United Arab Emirates in which $ 35 million was stolen from a bank. An electronically cloned voice of a boss was used to deceive an employee.
You might also be interested in this: Attention ING customers! This is how you are currently being ripped off
In connection with the Ukraine war, AGCS assumes that the risk of espionage, sabotage and cyber attacks against companies will increase. Above all, companies with connections to Russia and Ukraine as well as to neighboring countries increase the probability of a cyber attack. State-sponsored cyberattacks could also target critical infrastructure and supply chains, the report says. “So far, the war between Russia and Ukraine has not resulted in a significant increase in cyber insurance claims, but it does indicate a potential increased risk from nation states,” Sayce said.
With material from the dpa.