Factbox: Five Facts About Ransomware Attacks | Technology news
(Reuters) – A ransomware attack on Brazil’s JBS SA, the world’s largest meat packer, has drawn attention to the growing field of cybercrime.
Here are some details about ransomware and the issues surrounding it:
– Ransomware works by encrypting victims’ data; Typically, hackers will offer the victim a key in exchange for cryptocurrency payments of up to hundreds of thousands or even millions of dollars. If the victim resists, hackers increasingly threaten to disclose confidential data in an attempt to increase the pressure.
The DarkSide ransomware group, suspected by US officials of the Colonial Pipeline attack last month, has said it wants to make money. Colonial Pipeline CEO said his company paid a ransom of $ 4.4 million because executives were unsure how badly his systems had been breached or how long it would take to restore the pipeline.
– Ransomware gangs raised nearly $ 350 million last year, three times more than in 2019, according to members of a public-private group called the Ransomware Task Force. While the scale of the DarkSide breach was significant, other types of attacks were arguably more destructive. In 2017, the WannaCry cyber attack crippled hospitals, banks and other businesses around the world. The US government https://www.reuters.com/article/us-usa-cyber-northkorea/us-blames-north-korea-for-wannacry-cyber-attack-idUSKBN1ED00Q said the attack cost billions and blamed North Korea. The NotPetya malware, which hit Ukraine in the same year but also wreaked havoc around the world, also generated billions of dollars in costs.
Who is behind the attacks?
– A number of gangs, many of them Russian speakers, are developing software that encrypts files, demanding payment in cryptocurrency for keys that allow owners to decrypt and reuse them. A growing number of gangs and affiliates breaking into targets are now demanding additional funds not to post sensitive material on the internet.
The increase in cash withdrawals and the strategic nature of the targets have raised new questions about the failure of officials in Russia and other countries to crack down on gangs.
What are we doing to stop it?
– In April, the US Department of Justice created a government group on ransomware. Central bank regulators and financial crime investigators around the world are also debating whether and how cryptocurrencies, which are used to pay ransoms, should be regulated.
What was the last major attack on American infrastructure?
– Last month, Colonial Pipeline week fell victim to a cyber attack that shut down its entire network. The ransomware attack was one of the most disruptive digital ransom programs reported and the resulting shutdown disrupted the fuel supply in the eastern United States.
Prior to that, in October 2020, criminals from Eastern Europe targeted dozens of US hospitals with ransomware, including in Oregon, California and New York. FBI and Homeland Security officials then led a conference for hospital administrators and cybersecurity experts.
What can be done to stop ransomware?
– Criminals using ransomware to extort money do not always use the most sophisticated methods. Biden administration official Anne Neuberger said, for example, that the DarkSide ransomware used in the colonial attack was a “known variant” and said some breaches can be thwarted by ensuring that computer networks have installed updated patches.
(Compiled by Chris Sanders; edited by Matthew Lewis)
Copyright 2021 Thomson Reuters.