Ransomware, Cryptomalware, Trojan, Cryptolocker, Phishing, … only barbaric names, and yet!
In 2017, all having a computer at hand or almost “almost” everyone … (to avoid offending anyone), we should all master this jargon. Indeed, a break is necessary in order to better understand THE computer security, because we are all concerned!
Bordeaux Business had the chance to be invited on January 27th to a thematic morning: The evolution of cyber threats and their legal implications co-organized at the Palais de la Bourse by Dépanordi Bordeaux and Kaspersky.
Let’s start by defining a few terms to familiarize yourself with this universe (this will prevent you from doing the research yourself).
Ransomware : ransomware or ransom software is malware that takes personal data hostage. To do this, a ransomware encrypts personal data and then asks their owner to send money in exchange for the key that will allow them to be deciphered.
CryptoLocker:cheval de TroieRansomware Trojan to attack Windows-enabled computers Windows installed on their machines. It appears to have been first discovered on September 5, 2003. CryptoLocker spreads by email and via a Botnet Existing. When the Trojan is activated, it encrypts several files present on the machine via a public and private key encryption. The key to unlock the set is then only stored on the servers hosting the malware. The Trojan then displays a message saying that to decrypt the information, it will be necessary to send a payment.
Phishing: Phishing, phishing or spinning is a technique used by fraudsters to obtain personal information for the purpose of impersonating.
Like chickenpox, it’s ugly, itches, and it affects a lot of people …
A ransomware attack is carried out every 40 seconds and nearly 25% of ransomware affects professionals. No sector of activity is spared.
The companies most affected are SMB (small and middle business) and 42% were affected by ransomware in 2016.
32% of them had to pay the ransom, 1 in 5 companies never had their files decrypted and 67% lost some of their data.
Don’t panic! If this happens to you, it is simply advisable not to pay and to call (very quickly) a professional specialized in the security of information systems.
Be aware that all cryptomalware payments are made in “Bitcoin.” On average, the ransom demanded is 300 euros.
However, it can go up from 1,000 to 30,000 euros for targeted attacks that account for 15% of ransomware.
“Equal opportunity” for better and especially for worse for all operating systems
The ambition (life choice?) of the Cybercriminal is to develop software to generate cryptomalware. Its commission will depend on the number of infections carried out.
Windows accounts for 85% of the market share of these attacks, while Mac accounts for the remaining 15%. However, nothing has yet been detected on the Chrome OS side. Attacks for 2017 are directed towards “full disk” encryption and “multi-key crypto.” Enough to give your computer servers a headache… Linux and Mac are no longer spared in this race to the shallot of the “nastiest ransomware”.
Who, who, who, the fault of whom?
At the heart of the infection, however, the user remains the most common factor: almost 80% of infections occur via e-mail and the infection is usually triggered by downloading an attachment.
We can only recommend that you protect yourself from email flows, including filtering attachments; or equip yourself with antivirus that will intercept all operations on the files. One thing is certain, your employees’ awareness of IT security will not be too much in the months and years to come, when we know that, more and more, the value of a company lies in its data, in its intangible heritage.