Blog

This malicious software spreads similarly to a Trojan horse and reproduces itself on several machines via the Internet like a computer worm. If the ransoms demanded do not exceed 500 euros for personal use, the price to pay for companies can easily reach millions of euros, especially if the data held hostage can cause significant financial loss. The sum of money to be paid is generally required in virtual currency in order to avoid any traceability.

British hospitals, French car manufacturers, Russian ministries and several thousand businesses and organizations have been affected around the world

The virus first appeared in 2005 in Russia. Modern versions have emerged in other countries such as Australia, Germany or the United States. In November 2012, security software publisher McAfee recorded 120,000 new attacks, four times more than the previous year. Between 2016 and 2017, ransomware increased by 36%, when the antivirus company Symantec announces that it has blocked nearly 320,000 attacks. Scareware is the simplest type of ransomware and can take the form of anti-virus software in which a message suddenly pops up claiming that the machine has several problems and in order to fix them it is necessary to make a payment in line. In May 2017, the WannaCry ransomware exploited a security vulnerability in Microsoft operating systems, particularly Windows XP, to infect more than 300,000 machines in 150 countries, demanding a Bitcoin ransom for decryption. British hospitals, French car manufacturers, Russian ministries and several thousand businesses and organizations have been affected around the world.

Cybercriminals use the power of AI to gain insight into their targets by analyzing huge amounts of data

Ubiquitous in all areas, artificial intelligence is also in demand in ransomware and cybersecurity. But if one expects miracle solutions from AI for data protection and the anticipation of malicious attacks, it’s hard to believe that AI is mostly used to deploy smart attacks. Indeed, thanks to AI, it is very easy for hackers to conduct automated phishing campaigns. These days, it’s basic for an AI to create emails with relevant, accurate content and without any spelling mistakes. Additionally, cybercriminals are harnessing the power of AI to gain insight into their targets by analyzing massive amounts of data. This helps identify which emails generate the most clicks, as well as the best time to launch an attack.

Nowadays, the ransomware threat is final: more targeted, more frequent and heavier attacks as a result. Oxibox [2] reports that nearly an attack every 11 seconds was reported for an estimated € 700m loss for SMEs in 2019. One in five companies pays the ransom without actually recovering the data. To this end, it is essential for a company to anticipate a possible ransomware attack, by adopting good practices. To do this, it is essential to have multiple backups of the data and to isolate them on remote servers in order to make them invisible to external attacks.

Ransomware attacks have grown by approximately 500% since their inception, leading to the emergence of entities to combat this malware. Such organizations offer services aimed at ensuring that a company can restore its essential data without impacting its activity. Cyber-resilience solutions are in place to protect data and ensure the ability to restart information systems as well as complete data recovery.

[1] https://fr.wikipedia.org/wiki/Exploit_(informatique)

[2] https://www.oxibox.com/fr/