Cyber Extortion: Definition and Meaning

Since 2013, cyber extortion has been recognized as a phenomenon and has been compared to other unplanned hacks as a relatively low threat. But in recent years, cyber criminals have started deploying sophisticated and deadly techniques, disrupting hundreds of firms worldwide.

It is obvious that corporate executives must be aware of the growing threat posed by ransom ware and make appropriate plans. Let's talk about what cyber extortion is, how it may harm your organization, and the best strategies to protect yourself in order to fully comprehend this specific issue.

What is Cyberextortion?

A broad area of online and computer-related crime is known as "cyber extortion." As the word implies, criminals use threats and other forms of coercion to compel individuals and organizations to hand over money or sensitive data during the cyber attacks included in this general phrase.

• A form of cybercrime called cyber extortion involves thieves stealing your financial or personal information and threatening to damage you if you do not pay a ransom. There has been a rise in cyber extortion in recent years as more people and companies store sensitive data online.

The value of the data at their disposal is used as compensation by cyber extortionists. They prey on your anxiety if they threaten you with information because there's a strong possibility you don't want that information to be revealed or destroyed. When cybercriminals demand money, it's likely that it will be comparable to what your information is worth on the black market. They have the option of selling it to the highest bidder if you refuse to cooperate.

Types of Cyberextortion

Cyber extortion is the practice of obtaining money or other types of payment from people or organizations using online or digital means. Cyber-extortion can take a variety of forms, including:

• Ransomware: Hackers frequently use ransomware to target corporations and government organizations. In a ransomware attack, a device is infected with malware that encrypts data, preventing the owner from accessing crucial files and resources. The person or business is then asked to pay a ransom in exchange for a digital key that would unlock their files, according to the hackers. If they do not pay, the hacker may publish the information they obtained on the dark web.

  A ransomware assault can cause significant interruption and reputational harm, even if the victim is able to regain access to their data. In 2021, a ransomware attack on the firm in charge of the Colonial Pipeline in the US led to panic purchases of gasoline by drivers, which significantly increased the price of gas.

• DDoS attack: Attacks known as "distributed denial of service" (DDoS) are used to block access to websites, mobile apps, and other online services by their intended users. Typically, in these attacks, hackers overwhelm the victim with a fictitiously high amount of traffic. For instance, they might employ bots to saturate a website's servers with traffic, preventing legitimate users from seeing the pages. The cyberterrorist then offers to stop the attack in exchange for the specified sum.

• E-mail based extortion: Cyber extortion via email is widespread and typically involves the hacker posing as someone else, such as a company or a friend of the target. They adopt this persona in order to trick the target into believing they are safe before attempting to persuade them to send money (perhaps by posing as a friend in need) or provide personal information (login details for a banking app, for example).

• Cyber Blackmail: A victim of cyber extortion may be threatened with blackmail, the release of private information, or even compromising photographs if they don't pay up. Despite their claims to the contrary, the victim may still be persuaded to pay the demanded sum out of fear of exposure or public humiliation.

Laws for Cyber Extortion in India

Every second, a cyber extortion case is filed in the nation's capital, Delhi,

• According to the National Crime Bureau, Ministry of Home Affairs, Volume II, 2021. Each complaint claimed the perpetrator had critical information about the victim. Consequently, a clear law is required for such a serious crime.

• Unfortunately, the Information Technology Act of 2000 neither defines nor specifies a precise punishment for cyber extortion because it does not consider it to be a crime. The accused may still face charges under Sections 383 (extortion), 503 (criminal intimidation), and 66E of the IT Act as well as the Indian Penal Code, 1860.

• It is a violation of privacy, according to Section 66E, when a person's private information is exposed as a result of the taking, publishing, and dissemination of an allegedly image. The accused could receive a punishment of up to Rs 2 lakh, three years in prison, or both.

• Extortion is dealt with in Section 383, which is defined as the act of purposefully injuring or threatening to injure another person with the aim of persuading that person to give any property or valued security to the accused. Extortion is a crime that carries a sentence of up to two years in jail, a fine, or both for those found guilty.

• Additionally, Section 503 addresses the crime of criminal intimidation, which is the act of threatening someone with harm to their reputation, person, or property, or to the reputation of another person in whose person or reputation the threatant is interested. Threatening is used to intimidate the victim into carrying out unlawful acts or refraining from actions to which he is lawfully obligated or entitled. A person suspected of engaging in criminal intimidation may be sentenced to up to two years in prison, a fine, or both.

How to Report Cyber Extortion

It is crucial that you report instances of cyber extortion, since doing so can keep you safe and reduce the risk that other individuals will be targeted similarly. There are two ways to report online extortion:

• Contact Law Enforcement- Since extortionists frequently target victims in foreign countries, the authorities might not be able to identify and apprehend the criminal, but they can still provide you with advice on what to do. Numerous law enforcement agencies employ specialized agents and teams to handle problems with cybercrime and extortion.

• Contact the platform on which the extortion takes place- By doing this, you can inform the website or service about scams they may not have been aware of and even have the hackers blocked or banned (though if they have many accounts, this may not deter them for very long). Use the reporting features of the websites to alert moderators if you believe you have received a phishing message, for instance, on Instagram or Facebook.

Conclusion

A nation like India, which offers all of its services online for the convenience of its inhabitants, must consider the potential challenges and threats that could arise from this digital system in today's world. Everyone's data is now kept online in programs like Digi Locker, cloud storage, and personal drives. The administration must therefore preserve the same as a result. Adopting an explicit, clearly stated law designating cyber extortion as a cybercrime would undoubtedly be the first step toward safety. And as the subject at hand involves people's privacy and reputation, which also fall under one of the essential rights guaranteed by the Indian Constitution as the right to privacy, it must be penalized with harsh punishments as well as significant fines.

FAQs

Q1. Who should one address in the event of online extortion?

Ans. Anyone who has been a victim of a cybercrime of any kind is welcome to get in touch with the state police cyber unit and file a report. For instance, Delhi residents who are victims can get in touch with the Delhi Police Cyber Crime Unit immediately.

Q2. What is the most typical manner in which someone can fall victim to online extortion?

Ans. Opening spam, visiting unprotected websites, and opening pointless files, whether in the mail or online, give hackers the means to attack the networks and demand money through cyber extortion.