Close

Forgot your password?

Choose a newsletter




Premium access provided by ENSTA

Your premium access provided by ENSTA

Enter your email to begin

Premium access granted to you by NRC Q

You been given free premium access to Worldcrunch for 8 weeks thanks to NRC Q.

Enter your email to begin

Premium access granted to you by EM-LYON

You been given free premium access to Worldcrunch for 8 weeks thanks to EM-LYON.

Enter your email to begin

Premium access granted to you by Goldsmiths

You been given free premium access to Worldcrunch for 8 weeks thanks to Goldsmiths.

Enter your email to begin

Premium access granted to you by WorldCrunch HQ

You been given free premium access to Worldcrunch for 4 weeks thanks to WorldCrunch HQ.

Enter your email to begin

Premium access granted to you by MinnPost

You been given free premium access to Worldcrunch for 6 months thanks to MinnPost.

Enter your email to begin

Premium access granted to you by Expatica

You've been given FREE premium access to Worldcrunch

Enter your email to begin

Worldcrunch

Ransomware: Hackers Break Into Blackmail Business

Cyberpirates engage in extortion on individuals as well as companies, through data kidnapping and threats to reveal sensitive information. Red Alert for the accounting department.

Article illustrative image Partner logo According to Europol, several millions computers have been infected in the past two years, generating a multi-million-euro turnover.

PARIS — "If you are a customer of Domino's Pizza, know that we asked them not to publish your data in exchange of 30,000 euros...”

This was the message posted on Twitter in mid-June by the “collective" of hackers Rex Mundi. The pizza delivery company has refused to bow to the blackmail of the group, which boasted of stealing data from 600,000 customers.

This incident is just the latest illustration of the new weapon for cybercriminals: old-style extortion. “Usually, the demands are not made public. Here, the hackers are playing their last card,” says Gérôme Billois, computer security consultant at Solucom.

He reckons that Rex Mundi would have made more money by reselling the data on the black market. A brand's customer is worth between 50 cents and 2 euros, and between 300,000 and 1.2 million euros for the whole load like in this case of Domino’s Pizza, Billois estimates, “though data lose their value very quickly."

This is the “ransomware” game that is especially in fashion now. It can take the form of blocking the functioning of a computer and then asking the owner between 300 and 1,000 euros for him to have his encryption keys. “Sometimes the hacker makes a sneaky pass for ransom by sending an official message that appears to come from an authority imposing a fine," says Loïc Guézo from Trend Micro.

According to Europol, several millions of computers have been infected in the past two years, generating a multi-million-euro turnover.

The same phenomenon strikes companies in different ways. Discretion is required, so the ransom demands tend to be in bitcoin, the emerging virtual and untraceable currency.

But the first order of business is often kidnapping the data. Michel Van Den Bergue, CEO of Orange Cyberdefence, cites a case where hackers got their hands on a trove of human resources data. "They threatened to reveal the salaries of top managers on both internal and public forums,” he said. The ultimatum was a success for the hackers: the company paid.

A limitless imagination

A second option is for the hackers to paralyze an information system or threaten to destroy a sensitive data base (customers’ files, leaders’ email, etc). They can also threaten to overload a company's network or system. "The hackers paralyzed the trading room of a bank for 45 minutes, and it caused colossal losses," says Laurent Combalbert, a former officer in the anti-terror unit of the French national police, who now works in crisis management and ransom negotiation for private firms. If the amounts do not seem large compared to the damage that could be suffered, it is precisely because the approach has been to encourage the victims to pay.

So how should companies react? “We advise them to reveal the fuss and, more than anything, not to pay the ransom because otherwise it becomes a spiral," says Combalbert. "In extreme cases, negotiations happen — only by email since the hackers have dematerialized the negotiation — the ultimate goal remaining to convince the victim to give up."

The latest phenomenon is the fake orders of transactions. By getting informations on social networks, hackers pretend to be the bosses, putting pressure on an accountant or an assistant: “On LinkedIn, you can easily access all the charts of a company and its strategic projects. We saw some of our clients accepting to do transfers of 100,000 or 200,000 euros,” says Jean-Michel Orozco, chief of cybersecurity at Airbus Defence and Space.

Banks — particularly Société Générale, BNP Paribas, and CDC — take this phenomenon very seriously. The French central bank has made the issue a priority on its annual agenda.

And when you thought it couldn't get worse, the final trick worth mentioning: direct intrusion into the billing system. "I had the case of a client who had 1.5 million (euros) stolen this way," says Gerome Billois. How? The hacker broke into the company information system, and in the guise of the accounting department, commissioned several major transfers. 

Sign up for our weekly Global Biz & Innovation newsletter now


Worldcrunch brings top stories from the world's best news sources into English for the first time.

- Find out how we work
- Stay connected with our newsletter
- Try premium access for just $0.99

Want to get in touch or report a bug? Find us at info@worldcrunch.com

Load More Stories

Unlimited access to exclusive journalism, the best world news source across all your devices

Subscribe Now Photo of Worldcrunch on different devices

Your premium access to Worldcrunch is provided by

University of Central Lancashire

Please register to begin


By registering you agree to our terms of service and privacy policy.