The Limited Times

Now you can see non-English news...

Multisystem Injury: On the Damage of Infidelity Attacks - Walla! TECH

2021-05-05T06:05:11.539Z


Last week, the Washington police information system in the US was attacked, which created another crack in trust towards public organizations. The problem of the attacked party: even if he chooses to pay the ransom, in most cases the information will not be released.


  • TECH

  • Cyber

Everything in cyber

Multi-Systemic Damage: On the Damage of Infidelity Attacks

Last week, the Washington police information system in the US was attacked, which created another crack in trust towards public organizations. The problem of the attacked party: even if he chooses to pay the ransom, in most cases the information will not be released.

Tags

  • Cyber

Yotam Gutman

Tuesday, 04 May 2021, 08:24 Updated: 10:50

  • Share on Facebook

  • Share on WhatsApp

  • Share on general

  • Share on general

  • Share on Twitter

  • Share on Email

0 comments

Of all the forms of cybercrime, heresy has the most immediate and significant impact. A ransomware attack begins like most cyber attacks - attackers manage to infiltrate a vicious organization that locates the sensitive information in the organization's possession. From the same point the attackers will take two different approaches - some will observe the information, some will send the information out of the organization and then we will observe it. They will then bring to the attention of the victims the fact that they have been harmed and will ask for a ransom payment - usually in Bitcoin. Refusal to pay will result in the information remaining encrypted.



Because many organizations have external backup mechanisms (i.e., they can delete infected workstations and recover the information, so that usually only information generated in the last 24 hours is lost), the attackers add a new "twist" - they threaten to publish the information stolen from the organization if not The ransom will be paid.

This means embarrassment to the organization being attacked, and sometimes it even puts it in a legally problematic situation (if it is sensitive information from customers or users) and can lead to lawsuits from customers or the authorities.

In such a case, the organization will sometimes prefer to pay and avoid public embarrassment or litigation costs.



However, there are other aspects of infidelity that are not so clear.

A ransomware attack can paralyze the organization so that it cannot function and serve customers - which can lead to significant losses.

Another aspect is damage to the reputation, and specifically, the trust of customers and service consumers.

This is especially noticeable when the body being attacked is a public body, and especially one that is supposed to provide citizens with law enforcement or health services.

More on Walla!

NEWS

The passion for engineering begins here: the college that offers a unique learning experience

To the full article

The problem: Even when the demands are met, the attackers do not release the information (Photo: ShutterStock)

Last week, cybercriminals from the infidelity organization "Babuk" attacked the information systems of the capital Washington police.

The breach did not appear to affect the functioning of the organization's systems, but it turns out that large amounts of sensitive information were stolen during the investigation - investigation documents, personal files of police officers and more.



The Washington police chief addressed police and their families in a videotaped statement in which, on the one hand, he tried to reassure when he said the police were investigating the incident and no sensitive information was stolen, and on the other he urged police officers and their families to be vigilant about And will be used against those people.



The DC Police is not the only police force dealing with ransomware attacks. The Persca Eyal police, a town in the northern state of Maine, also suffered a ransomware attack (by the Avadon group). These attackers also threatened to leak the stolen information if the ransom was not paid. These attackers were more theatrical. They added a clock that was counted back to zero time when the information would be destroyed and leaked. In practice, after the end of the 10 days given to the police, during which the ransom was not paid - nothing happened.



Not only do police absorb ransom, but the justice system does. The Illinois Attorney General's Office has suffered a DopplePaymer ransomware attack, and the attackers have already leaked a number of confidential legal documents. Such an attack (apart from the immediate damage to operations) causes psychological damage and a loss of public trust in those bodies that are in charge of maintaining order and law. If these bodies are unable to protect their systems and the information they hold (which concerns, for one reason or another, all of us), how are citizens supposed to expect them to protect and safeguard them?



When health bodies are attacked, the damage is even more severe.

Hospitals, research institutes and day clinics, which are already kneeling under the burden of treating corona patients, have been hit by a flood of cyber attacks in the past year.

Just this week, services from Elekta, a company that provides radiology services to cancer patients at more than 70 sites across the United States, were shut down due to a ransomware attack by an unknown source.

As if public confidence had not been cracked as well.

Washington Police Vehicles (Photo: GettyImages, Stefanie Reynolds)

Yotam Gutman (Photo: Sentinel One)

All of these heresy attacks come during the week when the Task Force for the War on Infidelity - a body of representatives from more than 60 bodies in the United States (academia, government bodies, law enforcement, the cyber industry, etc.) publishes its recommendations for the war on infidelity For ransom payment requirements.



A recently published study reinforces this claim. 92% of the victims who chose to pay did not receive the encryption keys or were unable to release the encrypted information in full. It was to be hoped that the Corona year would somewhat lower the motivation of the attackers, but the opposite is true. They also do not seem to be undecided and attack all types of bodies, including those public bodies that are responsible for the proper lifestyle of us all.



Because heresy is the most lucrative and growing form of cybercrime, and attackers are not afraid to attack government bodies, law enforcement and health services, one can only assume that the damage will be great and we have not yet seen the tip of the iceberg of this disturbing and dangerous phenomenon.



Yotam Gutman is the marketing director of the cyber company SentinelOne

  • Share on Facebook

  • Share on WhatsApp

  • Share on general

  • Share on general

  • Share on Twitter

  • Share on Email

0 comments

Source: walla

All tech articles on 2021-05-05

You may like

Trends 24h

Latest

© Communities 2019 - Privacy

The information on this site is from external sources that are not under our control.
The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.