After successfully extorting Colonial – the largest fuel pipeline operator in the US, the world’s leading meat processing corporation became the target of ransomware.
In a statement on May 31, JBS USA said it detected an organized cyberattack that affected several servers that support the corporation’s information technology systems at its North American facilities. and Australia. JBS is the world’s largest meat processing company, with operations in many countries such as the US, Australia, Canada, Europe, Mexico, New Zealand and the UK. The company said no customer, supplier or employee data was leaked or used for shady purposes following the cyberattack. However, the company said it will take a long time to resolve this issue and as a result, some transactions with customers and suppliers may be disrupted. All US beef processing plants under JBS have stopped production, affecting nearly a quarter of the total supply in the US market. The company’s other meat processing plants were also disrupted to a certain extent. Photo: Visual China Although the company has not publicly stated that it is threatened by ransomware, the White House said the attack was ransomware, possibly from a group based in Russia, although JBS has not made it public. confirm this. White House spokeswoman Karine Jean-Pierre told Reuters the FBI was investigating. Ransomware is malicious software that encrypts a target’s system, preventing users from accessing and using their computer system or document files (mainly detected on Windows operating systems). In some cases, hackers also gain access to the target’s data and demand a ransom if they want to get the data back. Since November last year, a series of ransomware attacks have targeted well-known companies such as the US factory Foxconn, Apple’s Macbook Quanta laptop assembly partner, and the Colonel Pipeline pipeline company. Among them, Quanta has stolen a large number of drawings of the new MacBook, which has a certain effect on Apple. The hacker group asked Apple to pay a ransom of $ 50 million to not publicly publish the data they have, Apple flatly refused. Leading US fuel pipeline operator Colonial Pipeline has shut down its entire network following a ransomware-related cyberattack. According to CNBC, the company Colonial paid $4.4 million in ransom in the form of Bitcoin cryptocurrency to the DarkSide hacker group. For these companies, there are two issues that need to be considered: First, why the security team can’t resist hacker attacks; second, what role does cryptocurrencies play in these transactions? The “fragility” of businesses before a cyber attack When you hear the word “cybersecurity,” you probably think of large companies or government organizations that invest tens of millions of dollars in firewalls, anti-virus software, and other security protocols to protect their systems from potentially malicious attacks or data leaks. Or you would think of the large internal cybersecurity teams who are knowledgeable and know how to deploy the latest technology to fight hackers and protect corporate information. The reality is that security issues affect every company – from the smallest store, fledgling startups to the largest multinationals. Any system is not immune to loopholes, and hackers who have the guts to attack large businesses are organized and premeditated. The security team of a large enterprise cannot avoid negligence, giving hackers the opportunity to take advantage. Hackers take advantage of cryptocurrency to make blackmail transactions Photo: QQ After successful attacks, many hacker groups now demand ransom in the form of cryptocurrencies, namely Bitcoin instead of real money. All transactions are assigned to Bitcoin addresses, but this address is not assigned to a specific person or organization. To increase anonymity, each transaction you can use a Bitcoin address to send and receive money, no one can know who you are. So Bitcoin is definitely the best choice when it comes to making illegal transactions. As the most valuable cryptocurrency today, Bitcoin has become a favorite object of hackers. The market value of cryptocurrencies skyrocketed around October of last year. Since mid-May of this year, this market price has been continuously falling, but it seems that the cryptocurrency still has a chance to explode again. In 2017, a type of malicious code called WannaCry opened a huge cyber attack in 150 countries, causing many users’ files to be locked. If they want the right to unlock, the victim has to pay the hackers 300 USD worth of Bitcoin. In 2019, hackers attacked the city of Baltimore (Maryland state, USA), froze thousands of computers, turned off emails … and demanded the city pay about 100,000 USD in Bitcoin. Ransomware attacks will get stronger and stronger Photo: QQ According to Ekram Ahmed, a spokesman for cybersecurity firm Check Point: “Hackers are pursuing larger and more advanced targets because they know they can succeed. Networks like Colonial paid $4.4 million in ransom, ransomware monetization will attract many new entrants. Things are getting worse, and I firmly believe that ransomware is now a national security threat.” . The consecutive attacks signal a worrying trend in ransomware attacks, especially those that can cause major disruption. Ransomware attacks are becoming more and more common, although hackers often find smaller and more vulnerable targets, less network security, and will pay a ransom to keep their systems normal. usually return as quickly as possible. Cryptocurrencies like Bitcoin have made it much easier for hackers to obtain ransoms. “Ransomware is now a lucrative business for hackers. Since the beginning of 2020, the number of organizations affected by ransomware has increased by 120%.” According to a recent report by cybersecurity firm Sophos, the average cost of recovering from a ransomware attack also appears to have doubled. Software company Chainalysis determined that $350 million was spent on ransomware ransoms in 2020. But it can be difficult to know the full scale of the attacks and the amount of ransom paid, because many the company did not report them in the first place. CNA Financial Corporation, one of the largest insurance companies in the US, paid $40 million in ransom last March, which was revealed only two months later. Law enforcement agencies advise businesses hit by ransomware not to pay the ransom, and say it will encourage hackers to continue demanding increasingly high amounts. However, not every company has the technological capabilities to deal with a group of hackers as sophisticated as Apple.
You must log in to post a comment.