Ransomware, what is it?
The first ransomware dates back to 1989. While ransomware hit the headlines with the global computer disruptions of 2017 -Wannacry / NotPetya, it never happened with such frequency as we know it now in 2020.
In France, ransomware processed by the National Agency for Information Systems Security – ANSSI recorded an increase of 51% between 2019 (69 cases) and 2020 (104 cases between January and September). In addition, certain sectors of activity are particularly affected: health, local authorities and services in the top # 3 most affected.
A recently published report from the Digital Health Agency shows a significant increase of + 40% in ransomware attacks directed against healthcare establishments in France during the year 2019, it is recalled. This confirms the sector trend reported above.
In addition, the first week of confinement due to covid-19 reflects a significant increase of + 400% in this type of virus.
As the name suggests, ransomware or ransomware is a computer attack whose objective is to obtain the prior acquittal of a ransom by the victim, usually in exchange for a key to decrypt their personal data. or confidential documents, taken hostage by the attacker. ANSSI considers this type of attack to be the greatest scourge of the current years.
How it works ?
- The most common vehicle ransomware exploits is corporate email. Typically, an employee at company headquarters opens an email and clicks on an infected attachment. Malicious code is activated. The virus will spread and be able to infect the entire computer network, thanks to the interplay between the networks.
- But there are many other ransomware attack vectors:
- a simple navigation on a compromised website,
- an enterprise software vulnerability that has not been updated (lack of security patch implementation, for example),
- an internal threat caused by human error, for example the case of an infected employee’s USB key which allows the virus to circulate in the company’s information system,
- indirect intrusion, for example by social engineering (the attacker masquerades as a company employee. He asks the victim if they can, for example, download and install a patch of software in common use in the company, which he has not managed to deploy remotely. Unfortunately, the employee complies and finds himself trapped, and at fault for having entered the malware into the company’s information system).
How is a ransomware computer attack characterized?
The singularity of this virus lies in its property of transversality. This type of attack quickly has a destabilizing effect in the company.
In fact, ransomware can shut down vital business communication functions such as: telephony, email or business applications. But also more seriously, to quickly cause disruptions in the supply chain or in the production of the whole company and not only that of an activity, a department or an entity of the company taken in isolation. NotPetya has managed to spread to millions of users, hundreds of thousands of computer systems and thousands of computer workstations around the world, it is recalled.
Unfortunately, neither the size nor the sector of activity of the company are criteria of exemption from this potential virality. The increasing professionalization of attackers illustrates this trend.
How to respond to ransomware in business? 8 things to do / 3 things not to do
What are the winning measures to minimize risk factors? 14 action plans that can be deployed before the attack is carried out
Ceo and founder, Data Privacy Officer, certified ISO 27001 Lead Implementer in cybersecurity at Alcees
t: +33 ( 0) 620 731 974
Founded in 2018, Alcees is a digital services company(dsc or esn in french) of French and European essence.100% cyber centric. Alcees offers communities ans public companies, banks, insurers, software publishers, healthcare operators, tailor-made consulting solutions to improve the performance of their operations and simplify their exposure to cyber risks through compliance with highest standards/norms and implementation of simple measures : technical, organizational, cognitive.