Last week, the Renner store chain was the latest victim of a ransomware attack.
“Ransom” means kidnapping. And that’s exactly what happens. The victim has data and systems hijacked by the attacker, who demands the payment of ransom in cryptocurrencies to restore normalcy. In Renner’s case, the required upfront payment was $1 billion.
The impact of this type of attack is devastating. Until Friday (20) night, Renner’s website was down with the phrase “we have a systemic downtime and our team is working to normalize access”. Attacks also often paralyze essential business operations such as accounts payable and receivable. That’s why criminals tend to ask for huge amounts of money to return the data.
Paying the ransom is not a good option. As a lawyer, I always remember that paying a ransom can constitute a crime of procedural fraud. More than that, nothing guarantees that criminals will restore systems.
The exception to this recommendation is when human lives are at risk, in which case paying the ransom may be justifiable. However, the victim’s situation is always painful. No one deserves the feeling of disbelief, panic, fear and helplessness that comes with being faced with a computer screen announcing the attack.
The problem with ransonware is that it has turned into a highly professionalized operation. There is even a “call center” available 24 hours so that the company can ask the attackers about how to pay the ransom and even bargain the price.
The popular imagination likes to think of the author of this type of attack as being “the hacker”. In Brazil, it has even been common to blame “the hacker” for inexplicable facts. However, the image of a lonely boy attacking companies is past.
Today’s attackers are mainly criminal organizations and national states. As ransonware is able to make money with relatively low risk, there are authoritarian countries that adopt the practice to evade international sanctions.
Ransonware can also create legal liabilities for the victim. The General Data Protection Law requires companies to adopt “security measures capable of protecting personal data from unauthorized access and illegal situations of destruction or loss”. This only adds to the drama, as the victim can later be held liable for damages for not following the measures required by law.
More worryingly, the attacks are getting more sophisticated. The latest tactic is to co-opt company employees to help with the attack. This happens through messages to employees with texts such as: “If you install this program on any computer or server in your company, remotely or physically, you will receive 40% of the ransom”. The message then provides an email from the attackers and a Telegram profile for those interested.
For all these reasons it is no exaggeration to say that a pandemic of ransonware attacks is underway. To contain them, measures of various natures are needed, involving the private and public sectors, the scientific community and, above all, more international cooperation.
- IT’S OVER: Do not back up (backup)
- ALREADY: Despair at being attacked by ransomware without having robust backup
- IT’S COMING: More Brazilian companies and government agencies attacked by ransomware
PRESENT LINK: Did you like this text? Subscriber can release five free hits of any link per day. Just click on the blue F below.