The struggle between computer security and a hacker is a classic case of confrontation between armor and a shell: the increase in the advantages of one side forces the other to build up its own forces. In this war, local defeats cannot be avoided. Therefore, it would be unfair to blame the victims of cyber-attacks mentioned in this article for being careless.
October began with a symbolic warning from the US Federal Bureau of Investigation: there is a growing threat of cyber attacks on US businesses and organizations aimed at obtaining a ransom. Many drew attention to the part of the message, which described the official attitude of the bureau to the fulfillment of the attackers’ demands by victims.
The FBI continues to oppose ransom payments, as it encourages criminals to search for new victims. However, in some cases, it refers to the owners of computer systems with the understanding that they can go to fulfill the requirements of hackers to protect the interests of their customers, shareholders, and employees.
US intelligence has repeatedly shown concern for American organizations, but the European city has come under attack. On the night of the first of October, criminals seized control of the municipal computer systems of the Spanish Jerez de la Frontera.
Hackers blocked the work of web services of several city institutions and demanded an undisclosed amount in bitcoins for the restoration of access. The Spanish Ministry of the Interior has sent three computer security specialists to the city. Mayor Mamem SANCHEZ then announced that municipal systems will not be restarted until their security level reaches 100 percent. Judging by the fact that the website of Jerez de la Frontera is now functioning properly, the actions of the administration were successful.
The computer systems of the American state medical organization DCH Health System, managed by a community from Alabama, were infected with the Ryuk ransomware virus on Monday, October 1st.
Attackers encrypted the patient’s medical records and blocked the work of three hospitals. The management of the organization decided to stop the reception of new patients, organize care and maintain the health of those already under treatment, and, if necessary, transfer the needy to other local medical institutions.
By the weekend, the undisclosed amount of the ransom was paid to hackers, and DCH Health System specialists received the keys to decrypt the data and began to restore the computer systems.
On October 25, hackers who called themselves the “ Shadow Kill Hackers Group” gained control of the computer systems of Johannesburg, the largest city in South Africa. Unlike the incidents described above, in this case, the data was not encrypted. Criminals reported that due to a variety of backdoors (illegal access methods), they got full control over Johannesburg's IT-systems.
The Johannesburg administration decided not to indulge the ransomware: important city services were turned off, experts began to investigate, restore access and eliminate vulnerabilities. It is worth noting that this is the second cyberattack on important computer systems in the South African city this year: in July (in South Africa it is mid-winter), the computers of the city energy company were attacked by a virus that left many residents without electricity.
Three cases of successful cyberattacks, of course, are far from being a complete list. Also in October, computer systems of a large German technology company Pilz were hacked.
From October 13, for about half a month, the specialists of this company restored their systems after the attack of the ransomware virus, supposedly called BitPaymer. The list goes on TrialWorks, Wyoming Area School District, Groupe M6.
And if you think that only attacks on large organizations that can pay huge sums immediately are beneficial for hackers, then you will be right, but only partially. Intelligent devices and networks surround people everywhere, including their homes, and can create security threats in the most unpredictable places. This was well demonstrated by computer security experts, who managed to give orders to the devices of the "smart" house, using a conventional laser pointer, while being outside the building.
The overall attitude towards computer system security must change. People must not be surrounded by devices that are too smart and complicated to understand, and therefore not under their control. However, it is probably already too late.