Ransomware is a rapidly growing threat that has recently become a global disaster. As a result of using such programs, hackers block computer systems by encrypting the data, and then demand payment to unlock the system. According to US news agencies, these programs have affected everyone in recent years, from banks and hospitals to universities and municipalities. Last year alone, nearly 2,400 organizations in the United States fell victim to such attacks. But experts say attackers are increasingly targeting the industrial sector because those firms are more willing to pay to regain control of their systems.
Ransomware is not just a software product that leads to financial extortion, it is a crime that ignores business, government, academia and geograph boards. The activities of such products also affected the health sector during the COVID-19 pandemic, and became the result of the closure of schools, hospitals, police stations, government organizations, and U.S. military facilities. It is a crime that directs both private and public funds to global criminal organizations. Proceeds from extortion can fund illicit activities, ranging from human trafficking to the development and proliferation of weapons of mass destruction.
Statistics for May 2021:
- 21 days - the average period of blocking the system as a result of an attack by a ransomware.
- 287 days - the average time that takes for a company to recover from a ransomware attack.
- $ 350 million - paid by victims of attacks on extortionist programs during 2020 (which is 311% more than in 2019) .
- $ 312,493 - the average statistical amount of a one-time payment for unlocking a computer system that was attacked by a ransomware program (which is 171% more than in 2019) .
In March this year, Acer was attacked by hackers. Using the REvil extortionist program, the attackers demanded from the Taiwanese manufacturer the largest known ransom to date - $ 50 million.
In the beginning of May, the representatives of the American fuel company Colonial Pipeline, which supplies fuel to the US East Coast, were forced to suspend some systems in order to localize the threats posed by a large-scale cyber attack. Colonial Pipeline transports about 2.5 million barrels of refined fuel daily, accounting for 45% of all fuel consumed on the East Coast of the United States. As a result of the shutdown of the largest fuel operator, Colonial Pipeline, the US government declared a regional emergency in 18 states
. According to the subject matter experts and journalists, hackers of the DarkSide group, which allegedly operates from the territory of the Russian Federation, may be involved in this cyberattack.
Despite the published statement, which was made in May 10 by DarkSide as to apolitical approach and non-involvement in any government organization, attacks on critical infrastructure are part of a hybrid war waged under the controlled "non-interference" of intelligence officials.
Prior to that, in February this year, the representatives of the hacker group DarkSide were involved in cyberattacks on Brazilian energy companies
It is noteworthy that the victims of extortion programs are mostly organizations or companies from the United States, Great Britain, Australia and Brazil