Interface news editor
The digitalization of industry is accelerating, and businesses are facingCybersecurityNew challenges。
Recently, pitto network published 2023Extortion softwareThe threat report, based on investigations into nearly 1,000 cases of extortion over the past 18 months, presents a global picture of extortion attacks. Extortion software attacks, which have been used more frequently in recent years, refer to cyberattacks aimed at ransom, where the attackers usually steal, encrypt, etc. Data, in order to blackmail the injured enterprise to pay the ransom to obtain decryption codes or restore the system to normal functioning。
The massive global outbreak of the wannacry virus in may 2017 was an extortion software attack. The virus encrypts the document after hacking into the target computer, which can only be decrypted by paying bitcoin. Wannacry is a combination of blackmail viruses, worm viruses, and the blue of eternality, and is extremely capable of infection. In just a few days, wannacry has infected more than 200,000 victims in 150 countries, many of whom are large businesses and businesses, including the british national health service (nhs), telefónica and fedex。
The hackers staged extortion attacks to gain economic benefits. Reports indicate that in 1,000 related cases, the maximum ransom paid by the victims amounted to $7 million. It is noteworthy that there is a significant difference between the amount of ransom demanded by hackers, which is $650,000 in median terms, and the amount actually paid by businesses, which is only $350,000 in value, representing a 46 per cent difference, indicating that hacker organizations involved in extortion attacks are eager to obtain ransoms and have room for negotiation。
Extortion software organizations increase the intensity of attacks through a variety of means of extortion, forcing affected businesses to pay ransom quickly under pressure. Common methods include encryption, data theft, distributive blockage, etc. According to the report, in the light of recent trends, hackers also combine extortion software with data leaks to increase the level of threats to victims, such as threats to publish stolen information on dark webs or competitors to increase pressure on victims to pay ransoms. By the end of 2022, nearly 70 per cent of extortion software organizations had used this method, an increase of 30 per cent over the previous year。
The former chief sales manager of the greater china region of the pittaku network, dong chuntao, told the interface that the attackers often posted data on businesses on the internet, and that data on an average of seven fraudulent software-victims per day appeared on these websites, equivalent to adding one every four hours. In addition, the nature of the companies targeted by extortion software, including these entities, is changing, with hackers focusing on businesses and, more recently, hacker organizations targeting vulnerable groups, such as schools and hospitals, indicating that the overall bottom line of the attack is decreasing。
The report shows that:ManufacturingThe professional legal services industry, one of the most affected by extortion attacks in 2022, usually has a strict production cycle or delivery pressure, of which the manufacturing sector is of the greatest external concern and 447 enterprises have been victims。
Kolonier pipeline transport company (c)I don't knowThe incident at nidal pipeline, hereinafter referred to as colonill, is one of the most influential cases of extortion-related attacks in manufacturing in recent years. In may 2021, the united states major finished pipeline operator, kolonier pipeline, was forced to suspend the shipment for five days as a result of the blackmail virus attack. Eventually, kolonier paid nearly $5 million in ransom to network hackers to restore the system that had been attacked。
Dong chuntao stated that it was easier to be forced to pay ransoms because of the severe consequences of the suspension of operations and the disruption of operations as a result of extortion attacks. Such industries usually insist on using old software, which also increases the risk of attack. In addition, equipment is difficult to identify, leading to a lack of targeted protection, security problems with respect to large amounts of data generated during the digital transition, intellectual property protection and avoidance of disruptions in core business, among others, are challenges and challenges for manufacturing。
Similar to the software or services (saas), the extortion-attack industry has developed a black-and-shell business model of “extortion software or services”. Raas operators are responsible for the development of bottom-up extortion software packages, the creation of control desks, the establishment of payment portals, the management of leaks, etc., while its allies, recruited through underground forums, are primarily targeting the software, conducting extortion attacks and communicating with victims. According to the report, the most active extortion software organizations include lockbit and blackcat (alphv). Lockbit is known for encryption speed. Blackcat is a blackmail software or service (ransomware-as-a-service, raas) because its commission is divided into lower fees than other similar services。
China is also facing a complex security situation. “the mainland chinese market ranks sixth in the asia-pacific region in terms of the number of extortion software attacks received, with australia, india, japan, taiwan, thailand ahead.” “many attacks against the chinese market come from organizations outside the country, including lockbit, hive, blackcat, etc.”
