“17 billion paid in four months” – Corriere.it

Maze, a simple summary. For at least two years the dream of public and private companies, governments, multinationals like Canon, LG, Xerox. Hackers group Can block computers, steal data, and block blackmail companies and individuals. One dangerous group that first used the “name & disgrace” strategy was actually naming and insulting.

November 1, 2020 He announced on a large scale that the project was “closed”, In a press release posted online, insisting that there will be no heirs. But it did not disappear. Rather. A few months before the surrender, another band, more talented and powerful, appeared on the scene: Egregor. In a year Has launched more than 200 attacks And analysts believe it could be a screen for maze affiliates. And then there’s this one because there are so many Ransom MafiaAs it is defined, it finds the “analogous” criminal world: individuals come together as groups, form alliances, dissolve, and group themselves into cartels.

Report
One that tells of a war that has now become global Confidential report of the Italian intelligence This reconstructs the strategies of cyber criminals, their goals, and their origin. It contains the names and dates of a war in which Italy saw the most obvious consequences of an attack on the Lazio region. But above all it reports a statistic that makes it clear that in 2019: 9.7 billion euros in 2019 to prevent criminals from blocking corporate organizations and disseminating confidential information that figure has already reached 17 billion euros in the first quarter of 2021.

Attack
A ransomware attack uses these telematic viruses to “restrict access to users’ information systems and encrypt the hard drive.” Files cannot be read by their owner A specific cryptographic key is required to open them. This is where blackmail begins. Usually, a warning will appear on the screen of the affected computer, calling you to open the page where you can often find payment methods in cryptocurrencies. For the less experienced, multilingual customer support is also available. But since the end of 2020 the strategy has become more sophisticated.

Normally செயல்ப the function predicts that it will be able to proceed with the encryption of the existing data on the system Disposal of all information must be done – Analysts explain -. Until last year, ransomware attacks included encryption of data that was almost indefinitely available. Last year, the exposure of data on the Dark Web was added. This is the Magic “Revolution”, “Double Extortion”: If you do not pay for the cryptographic key or try to avoid a refund, we put your data online. From patents to customer or user information, many important pieces of information are at risk of becoming public. It is estimated that 50 to 70 percent of the victims will eventually pay.

Ransomware gang
Ransomware attacks have so far affected power and telephone network operators, Schools and Hospitals But also the listed companies. They blackmailed small and medium enterprises Disclosure of data to protect confidential information will be destroyed and industrial companies will be willing to pay. But above all, as happened when terrorist organizations took hostages, they dealt directly with governments. According to a recent reportRansomware level 2021 By Sophos, Most of the attacks come from Russia, China and North Korea, but there are other explosions in Vietnam, Ukraine and India.

The most exciting was launched in 2021 by the Rev group. In March, they asked Taiwanese company Acer for மில்லியன் 42 million. The same number per person in April Apple partner Do not spread industry secrets. After that, they targeted JBS Foods, which received a demand of 9. 9.3 million, in July, via supplier Casey. They have infiltrated the systems of many companies Asking for a total of 59.5 million euros. Some companies have publicly acknowledged the attacks. Last May 3.7 million euros was paid The Dark Side team was able to recover their data and later recovered 1.9 with the intervention of the FBI. In Italy, on August 6, the Zegna Group It was revealed that he was “not submissive to blackmail”. In fact, in our country, the list of people who have attacked and paid or stopped ransomware is long, but investigators suggest not spreading it precisely so as not to bring criminals and above all benefits. Emphasize their illegal activity.

Attack on Israel
A few weeks ago Pay2Key, It is of Iranian descent, Published a list with affected companies in Israel: Portnocks, Israel Aerospace Industries, Habana, Interelectric, MD, Infiaps and analysts “This is an attack with immediate economic intent but above all a threat to the geopolitical interests of the states and their vital infrastructure.”

Give the gang a part They also play a role in international relations. Reported by New York Times, The sudden disappearance of the Russians in July, after setting fire to the United States, is one reason Target deal between Joe Biden and Vladimir Putin. On the other hand, they move too As real companies. They reward innovation and work to keep reputation high: If someone pays without being able to return the data it is a problem, you are not very reliable. They are well-structured companies, with dozens of developers and machines, and they were created to cover costs Ransomware as a Service (Ross), Analysts explain, “a variation of business models for those who sell legal software.” The authors provide their ransomware under license, allowing buyers to add it to their attacks. Just like business software. In return, they ask for a commission of “20 to 30 percent of the amount of ransom given,” which they say is the most victimized, thus enhancing the reputation of their work. And as much as ransomware works criminals like it. Like any successful product.