Why do hackers focus on “hunting big game”?

2024-02-20 12:15:14

Cybersecurity is one of the most important things in the world of the Internet in the twenty-first century. With the increasing dependence of sectors and individuals on technology and electronic networks in daily and practical aspects, implementing cybersecurity strategies has become an urgent necessity for any company keen to protect its systems from electronic attacks.

Cybersecurity is the process of protecting systems, networks, and programs once morest digital attacks targeting institutions and companies, which aim to access sensitive information to destroy it, or seize it to demand payment of a financial ransom.

Spending on cyber security

The majority of companies seek to be among the distinguished sectors in the digital economy, and as a result they spend huge sums of money on cybersecurity, which contributes to protecting them from the severe consequences of data breaches, ransomware attacks, and phishing operations, as data from Gartner Research shows that spending on… Data privacy, cloud security, and risk management reached $188.1 billion in 2023, with expectations to rise to $215 billion in 2024.

However, despite the huge global spending on cybersecurity, “ransomware” gangs were able to steal more than a billion dollars last year, which is the largest amount ever recorded in this field, as a report published by the blockchain research company Chainalysis, which analyzes… Transactions conducted by Internet gangs showed that “ransomware” pirates almost doubled the money they stole in 2023 to $1.1 billion, compared to $567 million in 2022.

Through ransomware, cybercriminals control the data and files of companies and institutions, and prevent them from accessing them, until they pay what has become known as “extortion fees,” where payment is made through cryptocurrencies, to ensure that the gangs are not tracked.

Big game hunting

According to Bloomberg, the Chainalysis report indicated that “ransomware” hackers are increasingly turning to the strategy of “hunting big game,” which means that they carry out fewer attacks but collect larger payments each time, given that they target large companies, institutions, and organizations capable of… An exorbitant ransom is paid. For example, over the past year, a ransomware gang collected more than $100 million by targeting a popular file transfer application used by thousands of organizations around the world. Among the prominent victims of the hack are the oil and gas company Shell, US federal government agencies, and airlines. British Air Force.

The Chainalysis report believes that the year 2023 was a disastrous year for ransomware attacks, as it witnessed the return of actors in this field, to carry out attacks with intensity and target high-level institutions and vital infrastructure such as hospitals, schools, and government agencies. The report also indicated that despite continued efforts… Government and private sector companies are fighting ransomware attacks, but according to the report, with every step they take, the hacker groups take two steps forward, which makes the work of experts more difficult.

A new American accusation once morest China of hacking and electronic theft

“Digital hostages”

In an interview with Iqtisad Sky News Arabia, the head of the technology company and cybersecurity expert, Mazen Al-Dakash, said that ransomware is a form of blackmail, as it succeeds in controlling the victim’s data and systems, turning him into a “digital hostage” who is then released. In exchange for a financial ransom, cybercriminals can use multiple attack methods to control the victim’s data, including luring him to visit unsafe websites, downloading hacked applications, or even targeting him through emails, indicating that hacks can occur as a result of mistakes. Simple and unintended by humanity, this explains the continued success of these attacks despite the huge expenditure to confront them.

According to Al-Dakkash, studies show that during the period from March to May 2023, cyber hackers around the world carried out a ransomware attack every 5.2 seconds, with expectations that the number of attacks will rise to one every two seconds in 2031, revealing that the amount of 1.1 billion US dollars, The amount paid to cybercriminals in 2023 is small compared to the financial losses caused by ransomware attacks, which exceed tens of billions of dollars due to their disruption of the business and production operations of many large companies. For example, the cyber attack that the Clorox Company was exposed to in the summer of 2023, which led to… Production stopped in its factories, costing it $356 million in sales.

Al-Dakash explains that some organizations that are exposed to a ransomware attack choose to comply with the demands of the pirates and pay them. Although this is not the best choice, it may be the only option available to these companies. Recently, ransomware pirates are experimenting with a new type of attack, It makes it impossible for victims to recover their data, if they do not pay money.

Why have the attacks not stopped despite spending on cybersecurity?

For his part, communications engineer Issa Saad El-Din said, in an interview with the “Eqtisad Sky News Arabia” website, that in the world of electronic attacks, there is always one truth, which is that hacks will always occur, and their frequency and severity will increase over time. This is the constant and inevitable matter. From him, pirates are developing their criminal methods, at a faster pace than ever before, given that it generates hundreds of millions of dollars for them, indicating that some may wonder why spending billions of dollars annually on cybersecurity has not protected these attacks from occurring, and the answer here is clear, and it is Without these billions spent, the bill for “extortion fees” resulting from “ransomware” would have reached trillions of dollars annually, and would not have stopped at the level of $1.1 billion as happened last year.

Saad El-Din confirms that ransomware attacks will continue to make headlines in the world in the coming years, and in their quest to achieve profits, attackers will target all types of institutions, starting from automobile and electronic device factories, through oil refineries, all the way to financial institutions, telecommunications companies, and the media. Hospitals and universities. All attackers need to do is find a single weak point in the system of companies and institutions. He pointed out that human error is responsible for most ransomware attacks, as it is easy for attackers to deceive employees within companies and penetrate them electronically.

“Extortion fees” will continue to rise

Saad El-Din stresses that all that can be done is to mitigate the impact of ransomware attacks, and close the loopholes through which hackers can enter companies, through healthy operational practices, educating employees on Internet security practices, in addition to setting strict access controls on systems. mission and sensitive data stores, in addition to imposing restrictions on file-sharing tools and systems within companies, warning that despite all these measures, attackers will continue to advance rapidly, and this explains the rise in “extortion fees” from $567 million in 2022, to 1.1 billion. Dollar in 2023. This skyrocketing is because pirates have become aware that they have an easy source of making money.

1708457861
#hackers #focus #hunting #big #game

Leave a Replay