Ransomware: this word will do increasingly popular.
With it we refer to a computer attack consisting of kidnapping and encryption of all information of a device or a company.
Its operation is very simple: the CFO or accountant can receive an email with a file of an alleged bill.
As soon click on it to see what it is, the pirate who sends accesses the system, it is done with all data and blocks any access to that information.
From that moment, the pirates extort and threaten the company in exchange for recovering their material .
"Recently, an Andalusian medium - sized company in the food sector suffered one of these attacks and demanded an initial ransom of one million euros, finely, after negotiations, stood at 40,000 euros , " explains Alberto Ruíz Rhodes, salts Sophos engineer Iberia.
The modus operandi of these bands, the bitcoin is the international currency that allows these operations without trace in the traditional financial system.
Unfortunately, the case of this company is not isolated and computer security firms agree that in the coming months these attacks will be our daily bread.
"They're so cheap and easy to run that are spreading at a breakneck speed, are released in massive plan and there is always someone who falls. The SMEs will be the major victim, it 's going to come a time that will have to have a budget to address these abuses , "forward Antonio Ramos , a university professor of Hacking.
On the occasion of the celebration of World Day Hacker days ago, which met in Madrid in its fourth edition more than 2,500 information security professionals , we wanted to organize a debate in elEconomista around this issue of growing concern.
It was attended,
Apart from Ruíz Rodas and Ramos, Adolfo Perez Coronado , cybersecurity strategy and S21sec Technical advisor; Rafael del Cerro , System Engineer of HPE Aruba in Spain, and Eusebio Nieva, technical director of Check Point Iberia.
The latter explained that
"Ransomware provider sells it as a service and even makes clear business terms: you stay with 60% of everything you get infected and get through extortion and the other 40% is for me."
Not forget that encryption information is something legal that was developed for anyone to acquire and encrypt their own files. As in so many previous occasions, we are not facing a bad technology, but to a misuse of that application.
"This is one of the trends in cybersecurity most will see in the coming months . We will see an evolution of the threats we've had so far and cases will continue to multiply. Interestingly, in the last two years the most viewed attacks have been with virus that had years, there was even one with over a decade of life.
That means you have to be prepared for what I had and for everything that is coming , "says Eusebio Nieva, technical director of Check Point Spain and Portugal.
Not worth therefore think that hackers are only interested in attacking big corporations or institutions, as well. The ease with which such attacks is done, nobody is sidelined. Only varies the amount to be disbursed according to the turnover of the company.
And, as we have seen, in many cases it may jeopardize the existence and survival of the company.
According to the experts meeting, in the case of SMEs, the same communications service provider - the telecos- should provide that security with different filters ...
Also in the time when cloud computing services are contracted, the supplier is responsible for an important part of security.
" We will continue to hear cases and without learning. Only with s ense common and awareness can be prevented and we must be alert , " says Adolfo Perez Coronado, Cybersecurity Strategy & Technical advisor S21sec.
"There are still large organizations they do not even have contingency plans.
Has caught them off guard , " he adds.
Neither the government are psyched, to the point that even in the specifications of IT technologies contests require that the latter have certain security protocols , " adds the same expert.
So what to expect from a traditional SMEs, which does not suspect for anything that might be in the crosshairs of hackers?
One of the first mistakes is the lack of configuration of security tools.
We have fond to plug and play , that after turning on any device that starts working without further and, instead, these experts recommend that we take time to set the security tools to our own needs.
"The most intuitive security option, by default, is usually the easiest and also the most insecure.
The manufacturer sets general guidelines and thus avoids the user having to spend ten screens, something that frustrates you. What happens then? Everyone has the general options and so much easier to launch an attack, because it is easy to assume the road to be traveled , "says Eusebio Nieva , technical director of Check Point Iberia.
Ideally, these tools come configured in reverse, with everything closed and as they were looking at the needs were giving more and more access permissions. That would take time, but also keep us much safer from potential threats.
Rafael del Cerro, System Engineer of HPE Aruba in Spain, recalled in this debate in elEconomista the case of an industrial cold room that was connected to Internet and through which were stealing company information.
"It was detected that was moving Teras of information daily. It was a problem that should have been fixed since its configuration, because the machine did not have access to so much information."
This leads us to talk about everything related to the Internet of Things (Internet of Things, IoT), where concern is high. With so many networked objects, also they multiply the points of access to our data, which makes us also more vulnerable if we do not manage permissions we give to each of these devices.
The espionage carried out by the CIA through smart-tvs is one of the most recent, known for WikiLeaks.
It is also hackable a doll or robot that connects to the Internet and leave it to our children ...
And the hyper and unstoppable Digitization also has its risks.
"The automotive industry is what worries me most of all IoT, because in that case will be within an object, being connected, is also manipulable from anywhere.
I can go 120 kilometers per hour and to disable me brake or direction ... There, obligatorily should have rules , but the Administration has always moved behind the industry and often not allowed to advise , "says Eusebio Nieva , Check Point.
The problem of access is often not very sophisticated. And that forces us to talk once again of the need to maintain good and safe keys than or 12345, no password ...
" You raise a keyboard on any company and how many post-it you find the keys of different accounts?" He wondered Rafael del Cerro , from HPE Aruba .
"Workers also need to be aware that there may never use a corporate key to other external accounts gmail, outlook ..." he adds.
To find solutions, you need to discover errors.
"Another problem is that in any business the financial always has more power than the safety technician and usually require cheaper development, which is often also the least security has" explains Perez Coronado, S21sec.
For Alberto Ruíz Rhodes, Sophos ,
" In Spain only invests in security the company has already been compromised."
Antonio Ramos went further:
while they lack training in this field "culture and commitment to the industry, which will only take action when you force yourself missing. Al, in political see a generational gap and it adds that 90% are lawyers.
I remember once in a ministry that was the victim of an attack as the minister ignored the recommendations and the computer connected to the network when all was said infected because the virus could wait but its not working.
That proves how far unaware of the scope of these operations. "
All computer security experts meeting on the occasion of World Day for elEconomista Hacker agreed that lack awareness.
"How many times have we made an appointment to renew the DNI and tell you that no computer error?
We are used to these developments and platforms are built as shanties. A building falls and the architect is responsible. But if development falls, everyone gets away, "said another participant.
Have we started the cart before the horse then ?, we asked. "No, because there are many times that the important thing is to move and do things.
The first is activated and have the service, and after that we protect or see those risks and patches on patches are putting "answers Eusebio Nieva, Check Point.
In this unstoppable evolution toward digital, university professor in Hacking Antonio Ramos we discovered all the cards on the table:
"We have put vital services for the development of the human race on the Internet and there is no plan B for the day this can be compromised or fall.
The day that comes involucionaremos. To care for and know how to build the digital world because if not, we will go back. There is no plan B, or pull the DNI when it appears that there has been a computer error, "he concludes.
Abu Jaber, head of Tahrir al-Sham
