The war in Ukraine and ransomware are exacerbating the already tense IT security situation: According to the BSI (Federal Office for Information Security), this kind of cyber extortion is becoming the biggest IT security threat. This is confirmed by a study by the IT security company Sophos: Around 67 percent of the companies surveyed in Germany (66 percent globally) were affected by ransomware in 2021, compared to only 46 percent in 2020. The study “The State of Ransomware 2022” puts the average ransom paid at EUR 253,160 – twice as much as the year before.

“Organized ransomware crime earns billions from attacks,” says Prof. Norbert Pohlmann, head of IT security at eco – Association of the Internet Industry e. V.

“Cybercriminals are currently taking advantage of people’s general uncertainty to break into IT systems using phishing attacks.”

Many of the professionally organized hacker groups operate from China or Russia.

“This basically also applies to critical infrastructure. Due to the current crisis on the energy markets, the electricity, gas and mineral oil sectors are extremely relevant and must be particularly protected from cyber attacks,” says Prof. Pohlmann.

Red alert

The BSI assesses the security situation as tense to critical; in some cases the red alert applies!
The attack vectors are similar from case to case. The extortionists primarily target administrators, whose passwords are spied out. This is usually achieved via phishing attacks, i.e. via an email with a dangerous attachment or link. The criminals use publicly available information on websites and social media to find out in advance how to reach and best deceive IT department employees.

If the attackers gain access to company systems, they initially act unobtrusively and prepare to encrypt all data and systems or copy customer data with the aim of using it as a means of pressure. On the day of the crime, they strike, encrypt the data and demand a ransom.

Many hacker groups operate from Russia and China

The BSI recommends not paying the demanded ransoms. But 42 percent (46 percent globally) of German companies whose data was encrypted still paid the ransom to get their data back, the Sophos study shows. An insurer in the US is said to have paid up to $40 million to regain control of its own systems. “Don’t accept ransom payments,” says BSI President Arne Schönbohm in the eco podcast Das Ohr am Netz.

“Anyone who has paid once pays again and encourages copycats.”

The IT Security Act requires companies that operate critical infrastructure to report cyber incidents. BSI President Arne Schönbohm also appeals to all other companies to contact the BSI immediately in the event of cybersecurity incidents:

“Anyone who falls victim to a ransomware attack needs help quickly – we can help with that. Becoming the victim of a crime is not dishonorable.”

The BSI treats such reports confidentially.

However, it's best to do everything you can to minimize the risk of a successful ransomware attack in the first place. With the aim of providing practical assistance, the companies Sophos, Microsoft and Rohde & Schwarz have joined forces in the Ransomware initiative under the umbrella of eco – Association of the Internet Industry e. V.

The initiative strongly recommends these technical and organizational precautions:

  • Create cybersecurity awareness among your employees. Phishing, be it by email or telephone, is one of cybercriminals' most successful tools.
  • Use strong passwords and strong multi-factor authentication where possible.
  • Only allow external connections to internal systems from specified IP addresses or via VPN.
  • Be careful when assigning user rights. In particular, administrator rights should be reserved exclusively for expert IT staff.
  • Only allow apps to be installed from trusted sources.
  • Unusual network activity is a clear alarm signal; respond to warnings from your monitoring software.
  • Disable scripting environments and macros from external sources. The majority of malware is introduced via Office files.
  • Install updates for the software and operating systems used promptly.
  • Check your business continuity management (BCM) and IT emergency plans, and prepare to manage temporarily without external service providers in the event of a large-scale cyber attack.
  • Review and test your backup strategy. Backups should exist for all business-critical systems, and restoring from them should also be tested.

Source: eco – Association of the Internet Industry e. V.
