Ransomware ‘pay up or lose your data’ threat spreads in EU

Hackers are increasingly often using ransomware, blackmail viruses that demand ransom from the owner of the infected computer. One click on what looks like an ordinary email from a customer is enough to make the company a victim of extortion. EURACTIV.cz reports.

The article was originally published on 16 October 2017 on Aktuálně.cz, EURACTIV.cz’s media partner.

It looked like an ordinary e-mail from a client wanting to return goods that it had purchased.

Nobody in the Czech company Catus, which is involved in the food industry, thought it could be a virus.

“But then we opened the invoice in the attachment and found that it was nothing to do with any client,” Milan Vlček, head of the company, describes his experience with the cyber-attack.

The system that had been running until then shut down and a demand for a ransom payment appeared on the screen. Until the company sent the amount requested to the given account, the virus would block the computer and eventually delete all the company’s data.

Ransomware is a method increasingly used by hackers. This is confirmed by data from Brussels.

“The number of attacks using ransom-demanding software has exceeded the number of traditional attacks using malicious software such as Trojan horses,” MEPs stated in their resolution at the beginning of October.

Viruses cannot always be recognised

E-mails containing ransomware are becoming more and more sophisticated. They do not always contain spelling mistakes and they won’t always be flagged by your computer as being dangerous.

Catus’ email inbox receives dozens of infected messages every day. “But this email was much more sophisticated,” says Vlček. The message contained the correct form of address and signature and the text was formal and flawless.

EU plans aid to prosecute hackers and support member states

EU diplomats agreed to provide support to find and prosecute hackers outside the bloc and help member states that are hit with cybersecurity breaches, as part of a strategy to step up defence against large-scale attacks.

However, when one of the company’s employees opened the attachment to look at the invoice that had been sent, her computer was blocked by a virus.

But the company was prepared for the attack. “We make backups on external drives every day,” says the company executive.

After the virus attack, the whole computer was reinstalled. “We lost half a day’s work but that is certainly better than paying a ransom,” adds Vlček.

Hackers are motivated by payments

Paying a ransom is not a solution, cyber protection expert from an anti-virus company Avast also confirms. “You can never be sure that the blackmailers will actually return the data,” says Jakub Křoustek.

Another reason why companies should not respond to ransom demands is that payment motivates hackers to commit further crimes.

So Křoustek advises companies to back up their data and equip themselves with a high-quality security system. “Ransomware is an extremely insidious type of malicious software and new variants are continually emerging,” warns the security expert.

“It can put a company completely out of operation,” he adds.

Small and medium-sized businesses, that do not have sufficient funds to acquire quality security, are most vulnerable. Hackers focus, for example, on private clinics, architectural offices, cafés and other small retail outlets.

Cybersecurity partnership: Europe lacks 'strategic' tech muscle

An EU cybersecurity fund could help fill in the “strategic competences” Europe still lacks in the technology sector, according to the head of the EU public-private partnership on cybersecurity.

However, businesses rarely report attacks. “No one wants to accept the loss of the data,” says Vladimir Abraham, head of the Commerce Chamber’s detective services.

“There are thousands of attacks every day, but no one wants to speak publicly about the problem,” he adds.

Companies often do not even know that a virus has taken their data. And yet, it may contain information that is important for the running of the company or personal data of employees and clients.

Europe fights cybercrime

Czech companies should be protected in the digital world by the cyber security law which has been in place since 2015. According to that, for example, companies are required to report hacker attacks.

The information then goes to the National Cyber and Information Security Agency (NÚKIB), which records attacks and warns against possible threats.

Other European countries are also involved in ensuring cyber security. Up to 80% of European companies have experience of hacker attacks.

The European Union is therefore preparing legislation to help member states fight hackers.

Greater security on the internet is also repeatedly demanded by the European Parliament, most recently at the beginning of this month.

According to MEPs, the EU itself is critically vulnerable in today’s “digital” age. MEPs have therefore asked the European Commission to invest more in its own defence of information technology.

The governments and parliaments of EU member states are in a similar position. According to European Parliament recommendations, EU member states should focus in particular on better education. Cyber security could even be included in school curricula.

Subscribe to our newsletters