Connect with us


Serious cyberattacks in Europe doubled in the past year



The European Union’s Cybersecurity Agency, ENISA, told CNN that there were 304 malicious and significant attacks against “critical sectors” in 2020, more than double the 146 recorded the previous year.

The agency also reported a 47% increase in attacks on hospitals and health networks in the same period, as the same criminal networks tried to charge for the most vital services of the pandemic.

The figures show the growing global impact of cyberattacks, often in the form of ransomware, which has recently wreaked havoc in the United States when the Darkside group headed to the Colonial Pipeline network causing queues at gas stations for fear of scarcity.

The pandemic meant that “a lot of services were provided online and this was happening in a kind of hurry, so security was a later thought,” said Apostolos Malatras, head of ENISA’s knowledge and information team. At the same time, people stayed inside and had time to explore vulnerabilities in critical systems and infrastructure, he added.

Business surveys by British security firm Sophos also concluded that the average cost of a ransomware attack has doubled over the year so far. The survey estimated the cost of 2020 at $ 761,106, but this year that figure had jumped to $ 1.85 million. The cost includes insurance, loss of business, cleaning and ransomware payments.

The increase in cost reflects the greater complexity of some attacks, said John Shier, Sophos’ chief security adviser, who added that while the number of attacks had dropped, their sophistication had increased.

“They seem to be trying to be more intentional,” Shier said. “So they infringe on companies, understand exactly which company they failed to do, and try to penetrate as much as possible, so that they can extract as much money as possible.”

New threats

Both Shier and Malatras pointed to the latest threat of a “triple extortion,” in which ransomware attackers freeze data from a target’s systems by encrypting it and extracting it so they can threaten to post it online. They said attackers would adopt a third phase, using this data to attack target systems and blackmail their customers or contacts.

Do you want to receive a ransomware attack?  Here's what to do

“If you are customers of this company to which the data has been stolen, they threaten to disclose your information or they will also call other companies that are your partners,” Shier said. He added that the highest ransom payment he had ever heard was $ 50 million.

Another threat is “fileless attacks” in which the ransomware is not contained in a file, usually accessed by human error, such as clicking on a suspicious link or opening an attachment. Fileless attacks are filtered into a computer’s operating system and often live in RAM, making it difficult to locate antivirus programs.

Last week, the U.S. Department of Justice announced plans to coordinate its efforts against ransomware with the same protocols as terrorism, and the Biden administration is considering offensive actions against major ransomware and cybercrime groups.

The approach would be in line with what other allies took, including the UK, which in November publicly acknowledged the existence of a National Cyber ​​Force (NCF) to attack key threats to the UK online. A spokesman for GCHQ, the British intelligence and information security organization, told CNN: “Last year we declared the NCF, a partnership between GCHQ and the Ministry of Defense, with the mission of disrupting to opponents … using cyber operations to disrupt hostile state activities, terrorists and criminal networks that threaten the security of the United Kingdom “.

Monitoring of criminal transactions

While law enforcement and security experts say the best policy is not to pay ransoms, as these encourage criminals, there is some hope for companies to pay.

Better technology allows some security companies to track cryptocurrency, usually bitcoin, while criminals move it through different accounts and cryptocurrencies.

White House faces ransomware attacks as cyber vulnerabilities are covered
This week, FBI investigators have been able to recover some of the money paid to ransomware group Darkside by the Colonial Pipeline network, following an attack that caused a major disruption to gas supply in the United States.

Cybersecurity firm Elliptic, which helped the FBI in this trail, said the short time Darkside had the money meant he was unable to cybercrime the funds, so the route was easy to figure out.

“Right now, criminals want to charge in euros or anything to benefit from their criminal activity,” said Tom Robinson, chief scientist at Elliptic. This meant that the cryptocurrency was normally sent to a real-world financial exchange, to turn it into real-world cash, he said.

“If the exchange is regulated, you should identify your customers and report any suspicious activity,” Robinson said.

The tricks used to hide the path of illicit cryptocurrency by criminal groups are increasing in complexity, he said. Some use “mixing wallets”, which allow users to combine cryptocurrencies (such as shuffling used banknotes), making it difficult to track ownership. Robinson said regulating these portfolios and all exchanges would help slow down criminal incentives to use ransomware.

“It’s about identifying who the perpetrators are, but also about making it very difficult for these criminals to make money,” Robinson said. “It means there are fewer incentives to commit these types of crimes in the first place.”



Amazon Discloser Is A Participant In The Amazon Services Llc Associates Program, An Affiliate Advertising Program Designed To Provide A Means For Sites To Earn Advertising Fees By Advertising And Linking To Amazon, The Amazon Logo, Amazonsupply, And The Amazonsupply Logo Are Trademarks Of, Inc. Or Its Affiliates. As An Amazon Associate, We Earn Affiliate Commissions From Qualifying Purchases.