In Brief
Ripe Targets for Online Extortion
Who, What, When, Where, Why & How for the most likely targets of online extortionists
By Scott Berinato
May 01, 2005 — CSO — Who: Companies that deal in cash transactions online.
What: Infrastructure that connects to the Internet and can be taken down remotely by hackers. The less secure your infrastructure, the more likely you'll be a target.
When: During an important time for marketing, investor relations (for example, a merger) or earning revenue. The more important the season is, the more likely you'll be a target.
Where: Often companies outside the United States, away from the FBI and strict anti-hacking laws. The looser the laws around computer crime in your area, the more likely you'll be a target.
Why: Online extortion is safer, easier and more profitable than other criminal enterprises.
How: Extortionists will launch a distributed denial-of-service (DDoS) attack to knock a site offline, and then demand a protection fee of $10,000 to $100,000 in exchange for restoring your site.
-S.B.
Other stories by Scott Berinato
Data Center Directions Virtual Conference
Attend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.
The Surest Path to Effective and Efficient Compliance
In this webcast, we explore why and how — with best practices, practical tips and solutions that work — to ease your compliance challenge.
Prudential Financial Protects its Brand with Symantec Data Loss Prevention Solutions
FORTUNE 100 insurance leaders rely on Symantec.Information Security: Data Drains and How to Prevent Loss
Do you know where your confidential data is?Data Loss Prevention: Keeping Sensitive Data Out of the Wrong Hands
Learn what the thought-leaders at PricewaterhouseCoopers have to say.7 Requirements of Data Loss Prevention
Incorporate best practices from many companies using DLP solutions.Ponemon Study: How Much Does a Data Breach "Cost"?
35 U.S. organizations that lost confidential information and had a regulatory requirement to publicly notify affected individuals are studied in this report.
- How Are Open Source Development Communities Embracing Security Best Practices?
- Using Likewise to Comply with PCI Data Security Standard
- Ponemon Study: How Much Does a Data Breach "Cost"?
- Managing SSL Security in Multi-Server Environments
- Maximizing Site Visitor Trust Using Extended Validation SSL
- The Latest Advancements in SSL Technology
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
Data Loss Prevention
-
November 13, 2008The Roosevelt HotelRegister now »
New York, NY 10017
(ISC)2 members can earn up to 6 CPE Credits
Reference priority code ONLINE and attend this program as our guest — that's a $295 savings!
