SAN FRANCISCO – New Orleans city government is lame. A marine cargo facility is temporarily closed. Hospitals are forced to return patients. Small business closed.
The reason for each of these events: ransomware attack. In recent years, hackers have demanded payment to lock entire computer networks and allow users to return to their systems.
Among the scariest and most costly online attacks – the frequency of ransom attacks was difficult to identify because many victims pay their attackers silently without informing the authorities.
Now, an array of new data probably provides the best available image of the problem. In 2012, 205,280 companies submitted hacked files to Fenceware attacks – a 41 percent increase over the previous year, according to data provided by The New York Times, a security firm called Amnisoft, which helped companies hurt by companies.
According to data from security firm CoreWare, the average payment amount for files released in the last quarter of 2019 has been $ 84,116, more than double the previous quarter, in the last month of 2019, it jumped to $ 190,946, with several companies demanding ransom for several million dollars.
Security experts say that even these numbers reduce the actual cost of ransom attacks, which has disrupted factories and basic infrastructure and forced businesses to shut down.
“Anything smart and connected can be kept for ransom,” says Steve Grobman, chief technology officer at McPhee. “If critical infrastructure systems are to be redeemed, what will be our policy in tackling them?”
Information from security agencies and recent ransomware events shows a dramatic increase for a kind of attack that only led to a few years ago, for most people, who only had to pay a few hundred dollars to retrieve the files. .
The The Coast Guard said in December The attackers were forced to shut down a cargo transfer facility in Transware for more than 30 hours after the “industrial control system that controls and controls cargo transfer and controls important encrypted files for processing operations”. The Coast Guard did not disclose its location.
The city of New Orleans, dozens of cities affected by the ransom over the past year, was attacked late last year with a similar ransom, and police officers are still manually recording the incident and carrying out several campaigns on paper.
Cities seemed high on the list of targets because they are, in fact, the only victims of the attacks to be reported, with public sector agencies representing around 10 percent of those killed last year, Kovar said.
Barclays and several other banks were unable to convert forex to customers for more than a month after being targeted by Travellex, the company that offers them cash Ransomware known as Sodinoki, or Revil. The BBC reports that hackers have demanded $ million dollars.
Like the Canada Timberline, ransomware attacks have stopped several small and medium businesses altogether. Printing company with more than a hundred employees near Denver, And Brookside ENT and Heat Services of Battle Creek, Mich.
“I was retired suddenly and I didn’t want to be,” said Dr. William Scalf, a doctor at two Brookside physicians who, in April, failed to recover medical files from hackers claiming $ 5, and closed in April.
The American authorities have not released statistics on the widespread change in the ransom, but the FBI His latest warning noted that the attacks were “becoming more targeted, sophisticated and costly.
The company said that an online portal for reporting incidents had received 5 reports in 20 portals. But officials note that the number is probably “artificially low” because it did not include any reports from the field office or the agent or any other source.
“What we notice the most is that it costs not just direct costs, but also indirect costs of lost operations,” said Herbert Stapleton, the FBI’s cybersecurity chief. “We certainly see this as one of the most serious cyber-crime issues right now.”
European Union law enforcement Europol has gone ahead and called the ransom “the most widespread and financially damaging form of cyberattack.”
“We have success stories, but frankly, it’s getting more complicated,” said Fernando Ruiz, acting head of European Cyber Crime Center in Europol. “It’s a garden for them and we need to change it.”
Government authorities and security experts say the problem will only get worse before it gets better. Last month, the two security agencies identified a new variant of Rinsomware, known Snake Or Ekans, It seems focused on freezing software responsible for industrial processes at large oil and petroleum companies.
Attackers conducting ransom attacks have proven difficult to detect because technologies such as Bitcoin and anonymous anonymous messaging platforms allow them to communicate and deal with victims without having to be easily tracked.
Many criminals operate outside the reach of American law. The judiciary has charged hackers in Iran, North Korea and Russia, but no one seems to have threatened to extradite.
American authorities have suggested that most of these attackers remain They have been led by the security of their governments and helped their government by passing hacked files.
Security experts say the ransom has turned into an industry, with hundreds of gangs terrorizing the most lucrative losers. Some hackers specialized in “ransom as a service”, writing victim-facing software and selling it to others through the so-called Dark Web. Even created a customer service center for the victims and their payment.
In recent attacks, hackers often spend months searching for potential victims to locate areas within computer networks so that they tie up every important file.
They are often eager to prove to the victims that they return the files when the payment is made, to ensure the transaction is instantaneous. While victims did not pay, some gangs began publishing private files to pressure the public – such as one of the world’s largest electric wires and cables – that operate outside Georgia.
Southwire filed a lawsuit against its attacker, unknown hackers, asking the website where the company’s files were published. However, hackers soon moved their activities to a new site and released more files.
Some business organizations and city governments are taking out insurance to get ready for ransomware claims. Brian Sertein, head of Verizon’s Global Security Service, says he encourages clients to create slash funds with bitcoin.
“Almost everyone says we will never provide ransom, but when it comes to pushing, maybe two out of three have willpower,” said Mr Certin.
Law enforcement officials have warned attackers against giving them more confidence that they will get paid. But attacks have spread enough – and often paid for ransom – that cybersecurity insurance rates are rising.
The cost of the ransom can have the worst consequences, such as dealing with deleted gangs when they lock files.
Dr. Shayla Castle, who practiced for more than 20 years in Simi Valley, California, was hit by a ransom last August. After his corruption insurance linked him to a ransom negotiator and a forensic expert, he was told that even though he paid $ 50,000 for each digital key that his various servers could unlock, he had only a 15 percent chance of getting his files back.
Dr. Kassel said he had been weak for weeks, seeing patients who came through his door and recorded everything on paper. But in the end he decided that his files and business should not be tried to avoid being sued and at risk. He closed his practice in December, spending about $ 55,000.
“The hardest part 20 years later was to suddenly tell patients,” Yes, I’m leaving, “” said Dr. Cassell. “It was a painful decision.”