Hackers who use the names of cartoon characters as pseudonyms rule the dark side of the Internet. They are usually based in countries that do not cooperate with international police, and they do not care whether the victims of their attacks are hospitals or multinational corporations. They are seemingly unstoppable and very successful, and more and more often they leave the owners of giant companies with empty pockets. Now states are afraid of them too.
In June of this year, meat company JBS paid hackers 7.8 million to regain access to its computer systems. That same month, the largest US national gas pipeline, Colonial, paid hackers 3m after its systems were locked down, causing several days of fuel shortages and paralyzing the east coast, the Guardian reported.
“It was the most difficult decision I have made in my 39-year career in the energy industry,” Colonial Pipeline CEO Joseph Blount told Congress.
In July, hackers also attacked software company Kaseya, demanding 50m. As a result, hundreds of supermarkets in Sweden were closed because their cash registers were not working.
How do they extort money?
Criminal gangs first hack into Internet-connected computer systems, block access to them, and then sell the decryption key in exchange for bitcoin payments. They target everything: schools, hospitals, airports, government agencies, pipelines, universities, insurance companies, chemical distributors, and even weapons manufacturers. No one has hacked air traffic control yet, but some believe it is only a matter of time.
All organizations are vulnerable, and the “ideal” targets are medium-sized companies, which have enough revenue to pay the ransom but are not large enough to have cybersecurity teams.
“Anyone using Internet-connected computer systems is vulnerable,” said Dr. Herb Lin, a Stanford University cybersecurity expert.
These hackers act like organized gangs. Some of the members specialize in identifying compromised systems and gaining access, while others deal with ransom negotiations.
How dangerous are they?
“I know some even have access to ballistic missile launch systems … It is quite possible that they will start a war,” an unnamed REvil spokesman said in an interview.
“But I do not think they will do that because it is not profitable,” he added.
Today, these gangs often extort money from individuals. If the victims do not pay, their stolen data is “dumped” on the Internet or sold on the dark web to the highest bidder. Some of the stolen data can cause serious problems for the victims. REvil recently threatened to reveal the secrets of Invenergy CEO Michael Polsky after he refused to pay a ransom.
“We know his secrets, we will share with you some disgusting photos and very interesting facts from his life,” the hackers wrote on their dark web blog.
The coronavirus introduced new rules of the game
The pandemic proved particularly fruitful for ransomware gangs. According to a report by cybersecurity software company Bitdefender, attacks increased by 485 percent last year.
“Since the beginning of the pandemic, more people have been working from home than ever before,” said Sofia, a crisis communications expert who specializes in advising companies hit by ransomware hackers.
In previous years, they even managed to hack people through “remote controls”.
“More time on the internet means more ways for possible attacks. In the last year and a half, the rules and ways of playing (hacking) have completely changed.”
Everyone who pays for the racket is obliged to remain silent
What all victims of hacker attacks have in common is that they abide by the code of omertà, a law of silence that has existed since the heyday of the Italian mafia. The rule is followed to the letter: no one will tell you a word about it.
“There is stigma and fear of new victims,” an unnamed source told the Guardian.
There are a great many of them in Russia
Russia and Iran are the main bases of hackers using ransomware. Cyrillic is most often used on forums where hackers communicate with each other.
“No one is saying that the Russian government is carrying out these ransomware attacks, but they provide a space in which Russian cyber-mafias operate smoothly and prepare hacker attacks, which they then carry out outside Russia. The state turns a blind eye to that. The tacit agreement is that only if you hack the Russian system will you have problems.”
Asked why the Russian authorities were so lenient, Lin said it was probably because Putin himself was afraid of them.