What is cyber extortion?
Cyber extortion is an online crime in which hackers hold your data, website, computer systems, or other sensitive information hostage until you meet their demands for payment. Cyber extortion often takes the form of ransomware and distributed denial-of-service (DDoS) attacks, both of which could paralyze your business.
How does cyber extortion work?
Cyber extortionists have several common techniques for breaking into your computer hardware, software, and networks and incapacitating them until you pay a fee.
One tactic is ransomware, which involves a hacker tricking one of your employees into clicking on a link or file within an email message. This activates the ransomware, which spreads throughout your network, encrypting your servers and data so you can’t access applications and files. The only way to restore access is to pay the hacker for an encryption key.
So-called distributed denial-of-service (DDoS) attacks involve hackers using a network of infected computers to send an overwhelming flood of messages to your web server, which effectively takes it out of service until the messaging stops.
Cyber liability insurance provides coverage to mitigate the financial impact of these attacks.
What businesses are susceptible to cyber extortion?
Anyone who relies on a website to generate sales, such as an e-commerce business, is susceptible to cyber extortion. However, if your business operations rely on digital tools, online customer management software, or internal applications, you are also vulnerable to cyber extortion.
Similarly, if you rely on access to your customer database and customer relationship management system (CRM), then every hour you can’t access this data is an hour of dead time. After several hours, your company could suffer a major financial loss.
Does cyber liability insurance cover expenses related to cyber extortion?
Many cyber liability insurance policies cover cyber extortion, but usually by endorsement only (i.e., an addition to your policy’s declarations page). Such policies, called first-party cyber liability coverage, provide financial support for three purposes:
- To meet a hacker’s ransom demand
- To pay for extortion-related expenses, such as hiring a consultant to remediate an attack
- To bring damaged computer hardware or databases back to their original working condition
How can a small business avoid cyber extortion?
Following cybersecurity best practices is essential. Here are a few key strategies:
- Maintain an effective firewall and install antivirus software
- Train staff on email hygiene (i.e., don’t click links in the body of unknown emails or open attached documents or applications)
- Avoid clicking on pop-up ads while working on the internet
- Maintain multiple backups of all your data
Compare quotes from trusted carriers with Insureon
Insureon helps small business owners compare commercial insurance quotes with one easy online application. Start an application today to protect your business against legal liabilities.
RETURN TO GLOSSARY