“That’s a nice business you’ve got. It would be a shame if anything was to happen to it!” That, in a nutshell, is the classic gangster’s extortion pitch: fleecing victims for their hard-earned money by threatening that something terrible will befall their livelihood if they don’t stump up the cash.
In the modern world, such threats have changed form. While there are most likely still real-world protection rackets that operate like this, many attackers have embraced the digital world to operate a cyber version of this scam; leveraging the importance of a target’s data as a way of bilking money out of them.
This is what is known as a ransomware attack. A classic ransomware attack refers to a type of cyber attack in which attackers break into computer systems and encrypt key files, which the user must then cough up money to regain access to. When the ransom is paid, the attackers send access to a decryption key which restores access to the files. If the money is not forthcoming, the files remain permanently locked and inaccessible. Defending against attacks such as ransomware is a key reason why the use of security measures like risk analytics are so essential for organizations.