Email Bomb Threats Demand Ransom Payments
By: Jim Stickley and Tina Davis
January 6, 2019
A chilling wave of bomb threats recently rocked its recipients and law enforcement in the U.S. The cyber extortion attempts demanding hefty Bitcoin payments from recipients to neutralize the threat were recently received via email. Although now believed to be hoaxes, the bomb threats were sent to universities, news outlets, schools, and businesses throughout the country. Currently, explosives have yet to be found, with both recipients and authorities trying to figure out the true intention behind the threatening emails. All the emails were sent using a different sender email address for each.
Using the Internet to extort money is nothing new, but the damage incurred can cost much more than the ransom demands alone. Although each email ransom demanded sums around $20,000 in bitcoin, the disruption associated with a quick response by authorities who clear the buildings and public areas involved, costs significant time and money. The fee to the senders, on the other had are minimal. Putting jail time aside if caught, ransom criminals and hackers can send countless emails for free and at the click of a button. If just one ransom is paid, it may all be worth it to them.
The perpetrators behind these bomb threat attacks are believed to be the same ones that were behind a sextortion scam not long ago. In that one, an email was sent stating that if a ransom was not paid, video of the recipient engaging in illicit activities and details of the porn sites they visited would be sent to the targets’ contacts. In those, the requested Bitcoin was much smaller, but the attack was bit enough that if a few people paid up, it was worth it.
Investigators agree the attacks somewhat mimic ransomware, which experienced massive growth over the past few years. Ransomware attacks lock computers and their files, making data inaccessible until the ransom is paid; although often they are not unlocked even if a ransom is paid. These attacks are famous for targeting the healthcare industry, financial institutions, city services, and law enforcement–all of which need immediate access to data to function properly. One that no one can forget was the WannaCry ransomware that quickly circled the globe forcing hospitals, delivery organizations, transportation services, and many others to halt business to deal with it. The decision whether to pay the ransom or not, may be contingent upon data backup and other commitments to cybersecurity that minimize ransomware effects
The FBI and other law enforcement recommend not paying ransoms, as that can encourage criminals to continue their efforts. Although this recent email ransom attack may be on a larger scale than some ransomware attacks, authorities are concerned that similar attacks may be imminent due to publicity and copycat followers. Like any public threat, following instructions of authorities to evacuate the area or other directives can keep people safe from harm.