Back to: News & Views
CrytoLocker is malware cyber criminals use to encrypt the contents of a computer until users pay up.
But that's only one type of cyber extortion, according to Tim Francis, enterprise cyber lead at Hartford, Conn.-based insurance company Travelers.
Criminals can also threaten to shut down computer systems or erase data, to infect a company with a virus, to publish proprietary information or personally identifiable information of customers or employees, launch a denial-of-service attack, or hold social media accounts hostage.
Criminals can also start the attack first, and refuse to stop until the money is paid.
It's no longer just a lone disgruntled employee targeting a single company, Francis said. CryptoLocker is just one example of how cyber extortion technology has been commodified, making it accessible to a wider variety of criminals.
"It's a trend that we've seen increasing over the last couple of years," he said.
Here are some steps a company can take to protect itself:
1. Know Your Data
Understand the data your company has on hand and what is at risk. A company can’t fully know how much is at risk until they understand the nature and the amount of data they have.
2. Back It Up, and Back It Up, and Back It Up Again