Relax, we've got IT
FREE IT Audit

Cyber extortion: What is it and what’s the risk to your business?

Here’s a topic that’s been making headlines and causing sleepless nights for many: Cyber extortion.

 

Is it something that’s on your radar? It should be, because it might affect your business one day.

 

What is cyber extortion?

 

It’s a type of cyber crime where criminals threaten to harm your business by compromising its data and digital assets unless a ransom is paid. These threats often involve ransomware, a malicious software that encrypts your data, making it inaccessible until you pay the ransom.

 

Sometimes, cyber criminals go a step further by stealing data and threatening to release it publicly on dark web leak sites if their demands aren’t met. This dual threat is known as double extortion.

 

According to a 2024 report, the number of victims of cyber extortion scams has skyrocketed by 77% over the past year. What’s more, small businesses are four times more likely to be targeted compared to their larger counterparts. This is a worrying trend, especially considering that smaller businesses often have fewer resources to defend against these attacks.

 

In the first quarter of this year alone, 1,046 businesses fell victim to double extortion. That may not seem huge, but bear in mind the actual number is likely much higher since many cases go unreported, hiding in the shadows of what experts call the “dark number.”

 

The truth is, all businesses, regardless of size or industry, are potential targets. However, certain sectors are more frequently attacked. Manufacturing, professional, scientific, and technical services, as well as wholesale trade, top the list. Alarmingly, the healthcare and social assistance sectors are also seeing a significant rise in attacks, despite the potential societal and political repercussions.

 

Cyber criminals are opportunistic and strategic. They target regions with strong economic growth and shared languages. For instance, cyber extortion attacks in the UK have increased by 96%.

 

While the rise in cyber extortion is a big worry, there are steps you can take to protect your business. Here are some key strategies:

 

Back up your data: Make sure you have a robust backup plan. Keep your critical data in an offline or offsite location and regularly test your backup restoration process.

 

Keep software updated: Make sure all your devices use the latest software, especially those connected to the internet.

 

Implement Multi-Factor Authentication (MFA): Strengthen your access controls with MFA. This adds an extra layer of security by requiring multiple forms of verification before access is granted (such as a code on a separate device). Also, limit user access to only the systems they need for their job.

 

Patch and vulnerability management: Regularly update your systems to fix any security vulnerabilities. Cyber criminals often exploit known weaknesses, so staying on top of patches can prevent many attacks.

 

By understanding what cyber extortion is and how it works, you can better prepare your business to defend against it. Remember, the key is to be proactive.

 

If we can help prepare your business and keep it safe, get in touch: 01252 984430  salesteam@bespokeitsolutions.com

Read More Blogs

How to create secure passwords

How to create secure passwords

Apr 28, 2025 |

Weak passwords are one of the biggest security risks to your business.
Why?
Because cyber criminals are getting smarter than ever before. If they manage to crack just one password, they could gain access to your sensitive business data, financial information, or even gain control of your entire system.
Cyber criminals use automated tools to guess passwords, allowing them to try out millions of combinations in seconds. So, if you’re using something like “Password123” or “CompanyName2025”, you’re practically handing them the keys to your business.
A compromised password can lead to big issues, such as:
• Data breaches
• Financial losses
• Identity theft
• Reputation damage
But how do you create strong passwords without driving yourself (and your team) mad?
Think of your password like a secret recipe, where only you should know the ingredients. It should:
• Be at least 14 characters long (the longer, the better)
• Include a mix of uppercase and lowercase letters
• Contain a few numbers and symbols (like @, $, %, or &)
• Not contain any common words or easily guessable information (like birthdays, names, or the word “password”)
Instead of using a single word, you could try a passphrase – a short, random sentence that only you would understand. For example, instead of “Sailing2025”, try something like “Coffee&CloudsAreGreat9!”. This is much harder to crack, yet still easy to remember.
You should also steer clear of these common mistakes:
• Using personal info (your name, birthday, business name, etc.)
• Reusing the same passwords across multiple accounts
• Using simple sequences (“123456” or “abcdef”)
• Storing passwords in an easily accessible place (like a sticky note on your desk)
If remembering unique passwords for every account sounds impossible, there is another option: Password managers. These generate strong passwords, store them securely and autofill them for you.
With a password manager, you only need to remember one strong master password for the manager app itself. The rest are encrypted and stored safely, reducing the risk of data breaches.
Even the strongest password isn’t foolproof, which is why multi-factor authentication (MFA) is also important. MFA requires a second form of verification, like a one-time code sent to your phone or generated from an authentication app.
If you have employees accessing your business systems, it’s a good idea to have a password policy in place to explain your rules and why they’re important. This should include:
• Unique passwords for each system and account
• Regular security training on password best practices
• Business-wide use of MFA for critical systems
• Scanning for compromised passwords regularly
By making password security a priority, you can reduce the chances of a cyber attack creating a nightmare for your business.
And if you need help making your business more secure, get in touch.

read more