According to new EU data available to CNN, significant cyber-attacks against critical targets in Europe, which were made possible by the pandemic, have doubled in the past year. The European Union’s cybersecurity agency, ENISA, told CNN that 304 major malicious attacks hit “critical sectors” in 2020, more than double the 146 attacks a year earlier.
The agency also reported an increase of 47 percent in attacks on hospitals and health networks over the same period as the same criminal gangs sought to make money from vital services due to the pandemic.
Figures show an increase in cyber-attacks. often in the form of extortion programs, which have recently wreaked havoc in the United States as the Darkside group targeted the Colonial Pipeline network and fears of shortages have lined up at gas stations.
The pandemic caused an explosion in online services and security only came to the fore in retrospect, according to Apostolos Malatras, ENISA’s Head of Knowledge and Information Team . However, there was time to explore vulnerabilities in systems and critical infrastructures, he added.
A survey of British security firm Sophos also concluded that the average cost of a blackmail virus attack has so far year doubled. The survey estimated costs at $ 761,106 by 2020, but this year that number jumped to $ 1.85 million. Costs include insurance, lost business, “cleanup” and payment of ransoms.
The rising costs reflect the increasing complexity of each attack, said John Shier, senior security consultant at Sophos. who added that while the number of attacks decreased, their sophistication increased. “They seem to be trying to be more purposeful. So they break into companies, understand exactly which company they hacked, and try to penetrate as fully as possible so that they can get as much money out of them as possible,” the expert said.
Both Shier and Malatras pointed to the latest threat, “triple blackmail,” in which extortion virus attackers encrypt data on target systems by encrypting it, then extracting it and then threatening to publish it online. According to them, the attackers then move on to a third phase and use the data to attack the target systems and blackmail their customers or connections.
“If someone is a customer of this company whose data has been stolen, they threaten to release his data or call other companies that are his partners, ”Shier said. He added that the highest ransom he had heard was $ 50 million.
Another threat is “fileless attacks” in which the extortion virus is not in a file and is usually human error – e.g. by clicking on a suspicious link or opening an attachment. Fileless attacks infiltrate a computer’s operating system and often reside in RAM, making it harder for anti-virus software to find them.
Although law enforcement and security experts say the best policy is not to they pay a ransom as it encourages criminals, there is some hope for paying companies. Better technology allows some security companies to track cryptocurrencies, usually bitcoin, as criminals move sums of money between different accounts and crypto money.
For example, FBI investigators have managed to recover Colonial Part of the money paid by the Pipeline network to the Darkside extortion program group after the attack caused a major disruption to U.S. gas supplies, CNN reports.
Cyber security company Elliptic, which helps the FBI in tracing such clues, he said that the short time Darkside was in possession of the money meant he could not launder the money properly in cyberspace, making the route easy to explore.
” Currently, criminals want to raise cash in euros or whatever to profit from their crimes, ”said Tom Robinson, a senior researcher at Elliptic. This means that crypto money is usually sent to the real world financial exchange to be converted into real money there. If the stock market is regulated, they must identify their clients and report any suspicious activity.
The tricks used by criminal groups to hide the path of cryptocurrency obtained are becoming increasingly complex. Some use “mixing wallets,” which allow users to mix cryptocurrencies — as if they were mixing used banknotes — making ownership difficult to track. According to Robinson, regulating these ministries and all stock exchanges would help slow the spread of ransom software among criminals.
“Identifying perpetrators is also important, but also making it difficult for these criminals to access money. That means there is less incentive to commit this type of crime, “Robinson told CNN.
Hardware, software, tests, curiosities, and colorful news from the IT world by clicking here!
