
Don’t take it personally: Cyberattackers may be targeting you now

January 31, 2024
3 MIN READ

These days, cyberattackers are bypassing businesses and going straight for individuals. What can you do to prepare?

 

Cybercrime is always evolving. Phishing attacks have gone from generic spam to highly targeted, personalized emails. Cybercriminals no longer give up on making money just because the victim refuses to pay the ransom; these days, cybercriminals have new tactics to demand payment when the initial threat doesn't work. Cybercriminals continue to stay one step ahead of cybersecurity professionals to ensure cyberattacks remain profitable.

Cybercriminals have traditionally targeted businesses with large stores of data and financial assets. However, as organizations become savvier in how they respond to attacks like cyber extortion and ransomware, threat actors have pivoted to targeting individual consumers. 

The new attack

It may be a familiar experience to be the victim of a data breach through a third party and deal with the aftermath by adding extra protection to prevent identity theft. But all of this is handled by others, behind the scenes.

Recently, cybercriminals have begun bringing those data breaches directly to the inboxes of individual victims, using the information they have accessed to blackmail individuals. In late 2023, patients in Seattle and Oklahoma received threatening emails that included Social Security numbers, insurance information, and medical history. They were told that if they didn’t pay up, their information would be sold on the dark web.

Personal attacks are just business

Cyber extortion against individuals is another tool cybercriminals use to earn money. If cybercriminals can get the same rate of return from individuals that they get on payments they demand from organizations, why wouldn’t they try it? Although the money requested in the above extortion cases was under $100, the earnings can add up.

The question then becomes: How likely is it that individuals will agree to pay? Most consumers aren’t security-savvy, but they do know the consequences of their personal information being used for identity theft. One report found that 83% of corporate ransomware victims paid the ransom demand.¹ The answer is that it’s very likely that individuals will pay.

How organizations can prepare

Protecting individual and client data has already been a challenge for businesses, and this type of attack would throw individuals directly into a situation they are likely unprepared to respond to. Businesses can take these steps to help ensure their customers aren’t targeted with cyber extortion in the aftermath of a data breach:

  • Maintain 24/7/365 monitoring, particularly database access monitoring and file integrity monitoring (FIM). 
  • Enforce defense-in-depth strategies and layered security controls.
  • Apply database hardening techniques, including password salting, cell-level encryption, and row-level security.
  • Require employees and customers to use multi-factor authentication (MFA). 
  • Conduct regular audits of your network to make sure security measures remain in place.
     

 

1: "The CISO Report," splunk>, splunk.com.
