2016, the year of “rançongiciel”? The extortionists software (or “ransomware”), which trap users or internet businesses before ransom, proliferate. These attacks, particularly publicized in recent weeks, concerns about growing.
In mid-February, pirates such claimed $ 3.4 million in a California hospital after being taken hostage its computer system through a “ransomware”. And while France, like other European countries, is not spared by this malware dubbed Locky, experts from the American Society for Information Security Palo Alto Networks have warned Monday that another “rançongiciel” had managed to penetrate the operating system deemed inviolable Apple, attacking Mac. The point about this phenomenon in 7 questions.
What is a “ransomware”?
the “rançongiciel” is malicious software that allows hackers to extort money from users whose devices are targeted. This type of “malware” is not new. In Europe, “he began to emerge towards the end of 2013,” says the “echoes” Heslault Lawrence, director of security strategies Symantec France.
According to him, users are now faced with a second generation of “ransomware”. The first: a hacker pretends to local police, said a user have detected illegal files (mp3, movies, pornographic images) on his computer and force it to pay a fine. The second, recently observed: the malicious software will encrypt the files (photos, documents, music) contained on the device to his victim and ask for a ransom to decrypt and recover
What magnitude of the phenomenon?
in 2014, Symantec recorded a growth of 4,500% of” ransomware “. “Most of the time when we see new types of attack, the growth is not as explosive,” says Laurent Heslault. For its part, Coatpont Tanguy, Managing Director of Kaspersky Lab France, indicates that there has been “last year, a wave of ransomware in France”, with epidemic peaks. In 2015, Kaspersky detected 180.000 “ransomware” on its customer base, 20% were businesses. An increase of 48% compared to 2014.
“The beginning of 2016 was very busy in France and Germany,” says Tanguy de Coatpont. Kaspersky Lab had identified early March more than 40,000 attempts to infection by a “ransomware” for its clients in the previous month. He says: “The ransoms are quite low, it may be 50 or 200 euros. People willing to pay quite easily. “The phenomenon is not about to stop. The expert adds that “there has been a professionalization of the attacks” and that they “became a business.” But he says the “ransomware” still constitute a small portion of prevalent malicious software in the world, even if it is “the most visible and most harmful.”
Which devices can be affected?
the most used in the world are the operating systems targeted. Before discovering that one of them had made his way on Mac OS, the operating system used on Apple computers, experts found on Android, the mobile operating system most common in world. The “ransomware” mobiles are constantly growing, says Kaspersky Lab. Last year, 17% of infections “ransonwares” targeting Android phones. For now, only the iPhone seem spared. “It’s more complicated because iOS is a pretty closed platform”, says Tanguy de Coatpont. “There is a priori no risk if the iPhone is not jailbroken,” he said.
Who is the target audience for these “ransomware “?
According to experts, one in particular is really targeted. Cybercriminals want to “infect the maximum number of users or companies, raking the widest possible because the amounts are relatively small,” says the CEO of Kaspersky Lab France. But most victims remain the general public. According to Tanguy Coatpont the amounts extracted were of the order of several million euros in France in 2015 and tens of millions worldwide.
How propagates a “rançongiciel”?
the “ransomware” interfere mostly in devices via emails containing infected attachments. “Most are Office documents, PDF documents and zipped” explains Tanguy Coatpont. The “rançongiciels” may also enter an operating system through an infected site. “By clicking on a link that leads to an infected site, malicious software can be downloaded without our knowledge and exploit gaps in our machine,” says his side Laurent Heslault Symantec.
How to protect yourself?
To protect a maximum of “ransomware” we must be very careful opening his email. Never open an attachment from an email sent by an unknown person. “Pay attention to hanging sentences. Cybercriminals are riding the news and curiosity. There will inevitably be things that will happen around the Olympics or Euro, “warns Lawrence Heslault.
The CEO of Kaspersky Lab France and Director security policies Symantec France also advise to make regular backups of your files: there will be no need to pay hackers to find them then. Make sure all software the machine are as current as possible can also be very useful, as a protection tool.
What to do if one is a victim of “ransomware”?
Do not turn an infected computer by a “rançongiciel” because the decryption key lies mostly in its RAM advises Tanguy Coatpont. Before you even consider paying hackers to find his files, you need to complain, says the CEO of Kaspersky Lab France. It also recommends contacting the National computer security agency (ANSSI) to try to stem the problem. According to him, “it is important to do so to integrate information and take legal action against cybercriminals.”
Anaëlle Grondin
No comments:
Post a Comment