Frequently used for cyber-attacks, ransomware is a type of malware that locks or hijacks a device or restricts access to user files until a ransom is paid. Another form of ransomware holds confidential correspondence or images hostage while threatening to post compromising data, photos, or videos to the Internet unless ransomed. Usually delivered by phishing attacks, ransomware has become more and more sophisticated through the years, which now includes RaaS (Ransomware as a Service) “kits” to help prospective hackers get into the business. And because high-net worth individuals have substantial assets and wish to protect their public reputation or the integrity of their files, they are considered ideal targets.

Remote Office Threats

The COVID-19 pandemic has had a profound impact on the working lives of prominent people, with a consequential spike in cyber-attacks. One in ten high-net-worth individuals working remotely has been victimized by a cyber-attack. Successful individuals and family offices are a potential windfall for threat actors. In fact, more than a quarter of ultra-high-net-worth (UHNW) families, offices, and businesses, with an average wealth of $1.1 billion, suffered from these attacks. Shockingly, 38% lacked a comprehensive cybersecurity plan.

How to Mitigate These Extortion Threats


  • Network Best Practices. Backup data regularly, keep offline backups, and verify integrity of backup process. Regularly back up critical data to minimize potential damage. A good strategy is keeping critical data in a secure location to allow the organization to quickly get back on its feet. Practice the 3-2-1 rule: create three backup copies on two different media with one copy stored offsite: Here is a great blog.
  • Implement network segmentation. Sensitive data should not reside on the same server and network segment as the email environment.
  • Use two-factor authentication and strong passwords
  • Maintain only the most up-to-date version of PowerShell and uninstall older versions. Disable if not needed on certain endpoints
  • Adhere to the principal of least privilege, ensuring that users have the minimum level of access required to accomplish their duties. Limit administrative credentials to designated administrators.
  • Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, secure location.

Email Best Practices

  • Implement Domain-Based Message Authentication, Reporting & Conformance (DMARC), a validation system that minimizes spam emails by detecting email spoofing using Domain Name System (DNS) records and digital signatures.
  • Mark external emails with a banner denoting it is from an external source. This will assist users in detecting spoofed emails.
  • Implement filters at the email gateway to filter out emails with known malspam indicators, such as known malicious subject lines, and block suspicious IP addresses at the firewall.

Case Studies

Extortion by ransomware: a particular threat to high net worth households

High-net-worth individuals face an elevated risk of cyber-attack, loss, and breach, and their public prominence and lifestyle choices can multiply that threat. Yet, 38% of families of this stature lack a comprehensive cybersecurity strategy. In 2017, cybercrime harmed about 143 million Americans, with financial damages amounting to $19.4 billion. The knowledge that high-net-worth individuals and families have the means to pay lures criminal organizations worldwide.

RBC Wealth Management, Cybersecurity: How high-net-worth households can protect themselves

Cyber extortionists attract salaries of $360,000 — or more

Cyber criminals are now offering astounding compensation for skilled individuals to partner with them and digitally extort high-net-worth personalities. Those with cyber management and programming skills can claim salaries over a million dollars for helping crooks conduct epic extortions of wealthy people. The scam is to monetize online exposures of prominent peoples’ credentials, sensitive data, or explicit images to fuel sextortion attacks. Aspiring accomplices can sell their skills to master criminals looking to exploit C-level executives, business owners, and acclaimed professionals. Recruitment and training programs are even available for those aspiring to join the industry.

SC Media, “Digital extortionist offer high six-figure salaries to accomplices,”