• Advertising
  • Disclaimer
  • Copy Right
  • Contact us
  • About us
WTM News
Web Hosting and Linux/Windows VPS in USA, UK and Germany
  • Home
  • entertainment
    • All
    • games
    • movies
    • music
    • sports
    '1899': The creators assure that they are already working on the next seasons and a possible ending

    ‘1899’: The creators assure that they are already working on the next seasons and a possible ending

    Las películas españolas que más esperamos en 2023

    Las películas españolas que más esperamos en 2023

    From 'Appointment in St. Louis' to 'Fifteen Days of Pleasure': 10 Great Christmas Musicals in Film History

    From ‘Appointment in St. Louis’ to ‘Fifteen Days of Pleasure’: 10 Great Christmas Musicals in Film History

    'Dreamland' review, by Jason Momoa on Netflix

    ‘Dreamland’ review, by Jason Momoa on Netflix

    Review, 'Kings vs. Santa': Family Christmas spirit with a thug twist

    Review, ‘Kings vs. Santa’: Family Christmas spirit with a thug twist

    release date, cast, synopsis

    release date, cast, synopsis

  • business
    • All
    • startups
    How to Buy Cryptocurrency

    How to Buy Cryptocurrency

    The first retail site in the Middle East

    The first retail site in the Middle East!

    Submit your projects to duty cope professional freelancers!

    Submit your projects to duty cope professional freelancers!

    bitumen 60/70

    Iran Bitumen

    Study Smart: Tips and Tricks to Ace the GED Test

    Study Smart: Tips and Tricks to Ace the GED Test

    Things to Remember When Taking the GED Math Test

    Things to Remember When Taking the GED Math Test

    DutyCope is the newest freelance platform

    Dutycope is the newest freelance platform

    What plans does NASA have to continue working with Russia?

    What plans does NASA have to continue working with Russia?

    Dutycope, the introduction of one of the best freelance sites

    Dutycope, the introduction of one of the best freelance sites

  • Technology
    • All
    • apps
    • gadget
    • mobile
    profesiones tecnológicas tecnología circular

    Circular technology: this is how it will evolve

    Elon Musk's biographer: "For him, chaos is standard operating procedure" |  Technology

    Elon Musk’s biographer: “For him, chaos is standard operating procedure” | Technology

    Roberto Lopez Familia Martínez

    Interview with Roberto López, Corporate CTO Familia Martínez

    Cloudera Data Platform One

    Cloudera Data Platform One, accessible data analytics

    Cloud services to solve complex IT problems

    SAP deploys the first public cloud project at Cepsa

    appian world data fabric

    Appian joins the Low-Code Data Fabric

    Trending Tags

  • lifestyle
    • All
    • foods
    • health
    • travel
    Body Contouring

    Common Types of Body Contouring Methods

    Cyruscrafts decorative handicrafts

    Iranian Decorative Handicrafts

    3 Days in Dubai – Where to Visit in Dubai

    3 Days in Dubai – Where to Visit in Dubai

    Ata Ghotbi and the road to success

    Ata Ghoutbi and the Road to Success

    5 ways to open frozen pipes without damaging the pipe

    5 ways to open frozen pipes without damaging the pipe

    Why is it better not to use toilet paper?

    Why is it better not to use toilet paper?

    Trending Tags

  • Review
    Review of the first part of the fifth season of the Money Heist series

    Review of the first part of the fifth season of the Money Heist series

    Introduction of Solar Ash game

    Introducing and reviewing the interesting game Solar Ash

    Review Huawei WATCH FIT smartwatch

    Review Huawei WATCH FIT smartwatch

  • Videos
No Result
View All Result
  • Home
  • entertainment
    • All
    • games
    • movies
    • music
    • sports
    '1899': The creators assure that they are already working on the next seasons and a possible ending

    ‘1899’: The creators assure that they are already working on the next seasons and a possible ending

    Las películas españolas que más esperamos en 2023

    Las películas españolas que más esperamos en 2023

    From 'Appointment in St. Louis' to 'Fifteen Days of Pleasure': 10 Great Christmas Musicals in Film History

    From ‘Appointment in St. Louis’ to ‘Fifteen Days of Pleasure’: 10 Great Christmas Musicals in Film History

    'Dreamland' review, by Jason Momoa on Netflix

    ‘Dreamland’ review, by Jason Momoa on Netflix

    Review, 'Kings vs. Santa': Family Christmas spirit with a thug twist

    Review, ‘Kings vs. Santa’: Family Christmas spirit with a thug twist

    release date, cast, synopsis

    release date, cast, synopsis

  • business
    • All
    • startups
    How to Buy Cryptocurrency

    How to Buy Cryptocurrency

    The first retail site in the Middle East

    The first retail site in the Middle East!

    Submit your projects to duty cope professional freelancers!

    Submit your projects to duty cope professional freelancers!

    bitumen 60/70

    Iran Bitumen

    Study Smart: Tips and Tricks to Ace the GED Test

    Study Smart: Tips and Tricks to Ace the GED Test

    Things to Remember When Taking the GED Math Test

    Things to Remember When Taking the GED Math Test

    DutyCope is the newest freelance platform

    Dutycope is the newest freelance platform

    What plans does NASA have to continue working with Russia?

    What plans does NASA have to continue working with Russia?

    Dutycope, the introduction of one of the best freelance sites

    Dutycope, the introduction of one of the best freelance sites

  • Technology
    • All
    • apps
    • gadget
    • mobile
    profesiones tecnológicas tecnología circular

    Circular technology: this is how it will evolve

    Elon Musk's biographer: "For him, chaos is standard operating procedure" |  Technology

    Elon Musk’s biographer: “For him, chaos is standard operating procedure” | Technology

    Roberto Lopez Familia Martínez

    Interview with Roberto López, Corporate CTO Familia Martínez

    Cloudera Data Platform One

    Cloudera Data Platform One, accessible data analytics

    Cloud services to solve complex IT problems

    SAP deploys the first public cloud project at Cepsa

    appian world data fabric

    Appian joins the Low-Code Data Fabric

    Trending Tags

  • lifestyle
    • All
    • foods
    • health
    • travel
    Body Contouring

    Common Types of Body Contouring Methods

    Cyruscrafts decorative handicrafts

    Iranian Decorative Handicrafts

    3 Days in Dubai – Where to Visit in Dubai

    3 Days in Dubai – Where to Visit in Dubai

    Ata Ghotbi and the road to success

    Ata Ghoutbi and the Road to Success

    5 ways to open frozen pipes without damaging the pipe

    5 ways to open frozen pipes without damaging the pipe

    Why is it better not to use toilet paper?

    Why is it better not to use toilet paper?

    Trending Tags

  • Review
    Review of the first part of the fifth season of the Money Heist series

    Review of the first part of the fifth season of the Money Heist series

    Introduction of Solar Ash game

    Introducing and reviewing the interesting game Solar Ash

    Review Huawei WATCH FIT smartwatch

    Review Huawei WATCH FIT smartwatch

  • Videos
No Result
View All Result
WTM News
No Result
View All Result
  • Home
  • entertainment
  • business
  • Technology
  • lifestyle
  • Review
  • Videos
Home Technology

The CSIC is offline: x-ray of a ‘ransomware’, the cyberattack that everyone fears | Technology

News writer by News writer
August 7, 2022
in Technology
7 0
A A
0
The CSIC is offline: x-ray of a 'ransomware', the cyberattack that everyone fears |  Technology

The CSIC is offline x ray of a ransomware the cyberattack

153
SHARES
235
VIEWS
Share on FacebookShare on Twitter

The CSIC is offline: x-ray of a ‘ransomware’, the cyberattack that everyone fears | Technology
is the headline of the news that the author of WTM News has collected this article. Stay tuned to WTM News to stay up to date with the latest news on this topic. We ask you to follow us on social networks.

The alarms went off this week. Two researchers from the Higher Center for Scientific Research (CSIC) complained on social networks that they had been without internet access for days. One of them requested in a letter to the director of EL PAÍS published this Tuesday the immediate restoration of the systems so that the projects in progress are not delayed. That same day, the Ministry of Science and Innovation released a statement acknowledging that the body suffered a cyberattack of the type ransomware on July 16 and 17, similar to the one that has also affected the Max Planck Institute or NASA this month. The National Cryptologic Center (CCN), the CNI body in charge of ensuring the cybersecurity of public institutions, activated a protocol that involved disconnecting all CSIC systems to prevent the spread of the virus. software malicious.

“To date, no loss of sensitive or confidential information has been detected,” the Ministry also said. And he pointed out that the investigation locates the origin of the cyberattack in Russia, something that various sources consulted by this newspaper consider premature to venture. Because one of the basic characteristics of cyber attacks, which makes them so attractive to criminals, is the ease of masking their origin. Defense Minister Margarita Robles insisted on Wednesday that the threat was attributable to the Russians.

@chaconlaborg Last week, after a minor ransomware attack the Spanish cybersecurity authorities (CCN and COCS) decided to disconnect from the internet the whole Spanish national research council (CSIC). Our primary research agent is inoperative and nobody cares. It’s shameful.

– Pablo Chacon (@PabloCh83144236) July 29, 2022

The ransomware It has been the preferred resource of cybercriminals for a few years. It is a type of cyberattack that encrypts the data of a system and then asks for a ransom in exchange for releasing it. The recommendation of the authorities is not to pay, but many do. Those who give in to blackmail usually try to keep it from spreading, but there have still been notorious cases. Among the most recent is the Colonial Pipeline, one of the largest oil pipelines in the US. After suffering a ransomware that paralyzed its activities, the authorities decided to pay the five million dollars that were required to release its systems and restore service.

The investigation into what has happened at the CSIC is still ongoing, and therefore secrecy prevails over the particularities of the case. However, the situation that the organization is going through is familiar to dozens of Spanish companies. The ransomware It is experiencing a critical moment, driven even more by Russia’s invasion of Ukraine. According to data from Check Point, in the second quarter of 2022, global cyberattacks increased by 32% compared to the same period in 2021. The average number of weekly attacks per organization worldwide reached 1,200 threats, an all-time high. The CSIC claims to receive some 260,000 intrusion attempts daily.

How exactly does this type of computer virus operate? What can be done to counter it? Is there an alternative to paying the ransom? EL PAÍS reconstructs with the help of cybersecurity experts what those who fall prey to a ransomware.

1. Infection: everything works apparently fine

The first phase of the process goes completely unnoticed by the victim. The cybercriminal looks for a way to access the system that he wants to attack. The most common route of entry is phishing, or deception techniques by which the victim is made to share passwords or other types of useful confidential information. For example, by posing as a bank or vendor and requesting credentials. Other ways to place software malicious software on the target computer is to disguise it as another program for the user to download (a fake update) or to exploit vulnerabilities in the victim’s operating system.

“I have worked for many years with the Administration and you would be surprised to see how common it is even today to come across Windows 2000 or Windows XP,” explains an analyst who prefers to remain anonymous. These operating systems, for which Microsoft no longer releases updates, were the gateway to the ransomware WannaCry, one of the most devastating in history, which in 2017 infected hundreds of thousands of computers in 150 countries.

A man looks at the notice that his computer has been encrypted.
A man looks at the notice that his computer has been encrypted.picture alliance (Getty Images)

Once the cybercriminal manages to enter a computer of the organization he is attacking, he has two main objectives. First, get administrator permissions to gain control of the entire system. Second, extend the malwareeither software malicious, as much as possible to reach as many devices as possible. When you take control of several or all computers, you can encrypt them and demand ransom. Or go a step further and first extract data of interest and then threaten the victim with its publication (this modality is known as ransomware double extortion).

Surprisingly, it doesn’t take many people to orchestrate attacks like this. “It is much simpler than it seems. There is often only one person behind a powerful cyber attack. They are even sold at dark web [redes y tecnologías que tratan de preservar el anonimato de sus usuarios] applications to develop ransomware at quite affordable prices,” says Marco Lozano, head of Cybersecurity for Companies at the National Cybersecurity Institute (Incibe). Reporting to the Ministry of Economic Affairs and Digital Transformation, Incibe is the body that provides support to private companies and individuals that suffer cyberattacks (public entities are the responsibility of the CCN).

When executing the ransomware, the files begin to be encrypted. “The more sophisticated the attackers are, the more damage they try to do. They will typically try to encrypt files shared internally on the organization’s network, not just the hardware of the infected computer”, illustrates Gergely Revay, systems engineer in the threat intelligence and research division of Fortinet, an American developer of software of cybersecurity. “They also look for backups, which is the best protection against a ransomwareto encrypt and cancel them”, he adds.

2. Detection: I can’t open the file

The victims know nothing of what is going on in their computers. Until one fine day they see that they cannot open a file. That is the most common way to realize that something is wrong. It is common for a ransom note to appear outlining instructions for paying the ransom. “They are usually text files that open automatically if you try to access any folder on the machine. Other cybercriminals bet on changing the wallpaper to make it even more obvious”, details Revay.

There are more signs that can set off alarms. For example, security tools or backups are disabled. It is also suspicious that administrator accounts appear that did not exist. “Sometimes several months pass before the cyberattack shows signs of its presence,” says Eusebio Nieva, technical director of Check Point Software for Spain and Portugal. Attacking a company with 400 employees is not the same as attacking another with 400,000. The more sophisticated the attack and the larger the prey, the longer preparations can take, while the larger the cybersecurity teams of its victims will be.

In the kidnapping note, the attackers usually provide some way to contact them. “It can be an address in TOR [un sistema de comunicaciones enrutadas que protege la identidad de los usuarios] or in the dark web, so that you can write directly in a chat to negotiate the price, which is lower the sooner you pay. As the days go by, it increases. If you pay, hopefully the system will be released for you,” says Revay.

3. Reaction: payment or no payment?

The recommendation of authorities and experts is not to pay. Among other things, because there is no guarantee that after doing so, the encryption key to recover the systems will actually be received (don’t forget that you are dealing with criminals). But many end up doing it. “I have helped several companies to manage the payment of the ransom”, says Deepak Daswani, hacker and cybersecurity consultant. “They usually ask for it in bitcoins. The amount varies depending on the size of the company. If they ask you for 5,000 euros, you still prefer to pay to forget about it. It is true that there is now more knowledge of cryptocurrencies, but the ransomware It has been active since 2013 and then hardly anyone knew how to operate with them,” he says.

What can those who decide not to give in to blackmail do? “There are two types of companies: those that have contingency plans, some security policy that allows them to restore activity in the event of possible incidents, and those that do not have a plan B. The latter are the ones that most concern us,” Lozano underlines, of the Incibe.

Main facade of the CSIC headquarters.
Main facade of the CSIC headquarters.

Response plans have their own manual. The CCN is following yours to resolve the CSIC incident. The theory marks a series of stages in the action: containment, identification, incident mitigation, recovery and post-incident analysis. Part of the work can be done remotely, but it is normal for technicians to go to check the attacked equipment and coordinate with the personnel of the attacked company or organization.

“Everything will depend on at what point in the process you discovered the attack,” summarizes Fortinet’s Revay. “If it has been done early, without destruction or data extraction yet, the first thing is to try to identify patient zero, which machine was infected first and which ones followed. And then analyze which part of the system is compromised,” he explains. This seems to be the stadium in which the CSIC is.

“In case your data has started to be encrypted, the situation is different: your move is to try to restore the systems as soon as possible. That is why it is crucial to have backup copies and know how to protect them. At the same time, it is necessary to investigate how they have managed to get into the systems and reestablish control, so that they do not have administrator powers”, continues Revay.

Having hybrid backups, which host the information on external servers and on removable memory sticks, is today the best guarantee to withstand an attack by ransomware. There are also advanced tools capable of inferring anomalous behavior of the operating system, such as that which arises when an encryption process is started. They help buy time and get ahead of the cybercriminal.

4. Outcome: recover systems or start from scratch

But there are attacks so sophisticated that they have no solution. “There are times when you have to set up a new network. When cybercriminals have gotten into the network so much that it is impossible to restore it and it is better to start from scratch, ”acknowledges a cybersecurity expert who does not want to give his name. A recent Google report highlights that there are companies that are forced to close because they do not recover from a cyberattack that causes them to lose their key databases.

If, on the other hand, the situation is controlled, it is time to debug machine after machine and, once there is no trace of the malware, the system can return to normal operation. Then begins the phase of analysis of what happened, whose objective is to take measures so that it does not happen again. It is also about knowing the author of the attack. “Depending on the type of ransomwarefrom the design of the campaigns and the tools used, we can have a preliminary idea of ​​the geographical origin of the attack, but accurately determining if there is an organization behind it or a specific individual is a mission that is often impossible”, he points out. Snow, from Check Point.

You can follow THE COUNTRY TECHNOLOGY in Facebook Y Twitter or sign up here to receive our weekly newsletter.

Source: elpais.com

Tags: CSICcyberattackfearsofflineRansomwareTechnologyxray
Previous Post

Guatemala sinks into the abyss of impunity | International

Next Post

Taiwan: Nancy Pelosi, the Democratic leader who imposes her agenda on Biden | International

News writer

News writer

I try to find the best news for you and publish it on WTM News. Follow my articles to become an up-to-date person!

Related Posts

profesiones tecnológicas tecnología circular
Technology

Circular technology: this is how it will evolve

November 23, 2022
Elon Musk's biographer: "For him, chaos is standard operating procedure" |  Technology
Technology

Elon Musk’s biographer: “For him, chaos is standard operating procedure” | Technology

November 23, 2022
Roberto Lopez Familia Martínez
Technology

Interview with Roberto López, Corporate CTO Familia Martínez

November 23, 2022
Cloudera Data Platform One
Technology

Cloudera Data Platform One, accessible data analytics

November 22, 2022
Cloud services to solve complex IT problems
Technology

SAP deploys the first public cloud project at Cepsa

November 22, 2022
appian world data fabric
Technology

Appian joins the Low-Code Data Fabric

November 22, 2022
Next Post
Taiwan: Nancy Pelosi, the Democratic leader who imposes her agenda on Biden |  International

Taiwan: Nancy Pelosi, the Democratic leader who imposes her agenda on Biden | International

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

  • Trending
  • Comments
  • Latest
Tesla's new update notifies the driver of tire wear

Tesla’s new update notifies the driver of tire wear

December 16, 2021
'Stranger Things': Jamie Campbell Bower opens up about her secret role for the first time

‘Stranger Things’: Jamie Campbell Bower opens up about her secret role for the first time

May 31, 2022
Time Magazine introduced Elon Musk as the character of 2021!

Time Magazine introduced Elon Musk as the character of 2021!

July 24, 2021
Introduction of Solar Ash game

Introducing and reviewing the interesting game Solar Ash

July 25, 2021
Introduction of Solar Ash game

Introducing and reviewing the interesting game Solar Ash

0
Added the ability to check voice messages before sending to WhatsApp!

Added the ability to check voice messages before sending to WhatsApp!

0
Time Magazine introduced Elon Musk as the character of 2021!

Time Magazine introduced Elon Musk as the character of 2021!

0
Review of the first part of the fifth season of the Money Heist series

Review of the first part of the fifth season of the Money Heist series

0
At least one dead and 19 injured by two explosions at bus stops in Jerusalem |  International

At least one dead and 19 injured by two explosions at bus stops in Jerusalem | International

November 23, 2022
profesiones tecnológicas tecnología circular

Circular technology: this is how it will evolve

November 23, 2022
Elon Musk's biographer: "For him, chaos is standard operating procedure" |  Technology

Elon Musk’s biographer: “For him, chaos is standard operating procedure” | Technology

November 23, 2022
Li Qiang, Xi Jinping's loyal lieutenant |  International

Li Qiang, Xi Jinping’s loyal lieutenant | International

November 23, 2022

Latest News

At least one dead and 19 injured by two explosions at bus stops in Jerusalem |  International

At least one dead and 19 injured by two explosions at bus stops in Jerusalem | International

November 23, 2022
profesiones tecnológicas tecnología circular

Circular technology: this is how it will evolve

November 23, 2022
Elon Musk's biographer: "For him, chaos is standard operating procedure" |  Technology

Elon Musk’s biographer: “For him, chaos is standard operating procedure” | Technology

November 23, 2022
Li Qiang, Xi Jinping's loyal lieutenant |  International

Li Qiang, Xi Jinping’s loyal lieutenant | International

November 23, 2022

Suggest application sites

Weltnachrichten

Nachrichten Star

Dutycope

Freelance sites

Bitrogen

News Pro

Arabic news

Buy sponsor post

WTM News

WTM News is a smart magazine that collects new and important technology news of the world for you from all over the web.
Our goal is to compile the best news so that you can more easily get the latest technology news in the world.

Follow us

News Categories

  • apps
  • business
  • entertainment
  • Environment
  • foods
  • gadget
  • games
  • health
  • lifestyle
  • mobile
  • movies
  • music
  • News
  • Other
  • Review
  • science
  • sports
  • startups
  • Technology
  • travel
  • Videos

Freelancer | Logo design | Hervess | Nachrichten Star | News Pro | Arabic news

Buy sponsor post

latest news

Review of the first part of the fifth season of the Money Heist series

The fifth season of Money Heist series

The points given are based solely on the personal taste of
Introduction of Solar Ash game

Solar Ash game

Score against the average score of this game on the site

WTM NEWS Magazine is just a portal for republishing news in various fields. All news will be placed on the site by mentioning the source. WTM NEWS has no legal responsibility for the accuracy of the news and articles and only reposts the news. © 2022 WTM NEWS

No Result
View All Result
  • Home
  • entertainment
  • business
  • Technology
  • lifestyle
  • Review
  • Videos

WTM NEWS Magazine is just a portal for republishing news in various fields. All news will be placed on the site by mentioning the source. WTM NEWS has no legal responsibility for the accuracy of the news and articles and only reposts the news. © 2022 WTM NEWS

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist