Wel of niet betalen na cyberaanval met ransomware? | Terzake

Terzake

16 Jan 202005:01

Summary

TLDRThe transcript discusses recent cyberattacks on Belgian companies like Picanol and Ranson, highlighting how cybercriminals cripple operations and demand ransom payments. Despite these incidents, Belgium ranks well in cybersecurity across the EU. Companies often face difficult choices between paying ransoms or contacting law enforcement, with many opting to pay to regain functionality quickly. Human error remains a primary cause of breaches, as hackers exploit weak passwords and phishing. The narrative also emphasizes the importance of reporting incidents to help authorities understand the threat and improve protections for others.

Takeaways

💻 Picanol has been hacked by cybercriminals, leaving the company potentially out of service for a week.
✈️ Last summer, Asco, an aircraft parts manufacturer, couldn't produce for three weeks due to a cyberattack.
🇧🇪 Despite these incidents, Belgium ranks relatively well in cybersecurity, sharing the fourth place in the EU according to some indicators.
❓ The actual number of cyberattacks in Belgium remains unclear, as many companies do not report them due to shame or fear of reputation damage.
🕵️‍♂️ Most companies do not disclose cyberattacks, leading to a significant 'dark number' of unknown incidents.
🖥️ A year ago, Ranson's computer systems were hacked, causing the complete destruction of their servers.
💰 Companies face difficult choices after being hacked, such as paying the ransom or contacting the police, with some opting to pay to recover faster.
🔒 Ransomware attacks often include encrypting backups, leaving companies with no escape unless they pay for decryption keys.
📉 Human error is the most common cause of cyber breaches, with tactics like phishing and password theft frequently exploited by criminals.
💸 Ranson managed to negotiate and pay tens of thousands of euros to regain access, with the hackers treating the situation as a business transaction.

Q & A

What company was recently hacked by cybercriminals?
-Picanol was recently hacked by cybercriminals, causing the company to potentially be non-operational for an entire week.
What was the impact of the cyberattack on Asco?
-Asco, a company that manufactures aircraft parts, was unable to produce for three weeks last summer due to a cyberattack.
How does Belgium perform in terms of cybersecurity compared to other EU countries?
-Belgium ranks relatively well in cybersecurity, sharing the fourth place among EU countries, according to several indexes.
Why is it difficult to know how many cyberattacks occur in Belgium?
-The exact number of cyberattacks in Belgium is uncertain due to a 'dark number,' meaning many companies do not report attacks due to shame and fear of reputational damage.
What happened to Ranson's computer systems during their cyberattack?
-Ranson's entire infrastructure was wiped out, with all servers being destroyed, and the company was unable to operate as a result.
What is the typical approach of cybercriminals when attacking a company?
-Cybercriminals first encrypt a company’s backups to ensure there is no escape, leaving the company with little choice but to negotiate for a decryption key, often in exchange for a ransom.
Why do companies sometimes choose to pay the ransom despite recommendations not to?
-Some companies opt to pay the ransom to quickly regain operational status, as waiting for other solutions could result in more financial loss than the ransom itself.
What is the primary method hackers use to gain access to companies' systems?
-Hackers often exploit human error, such as misleading employees to click on links or provide credentials, or reuse passwords across multiple sites.
What happened when Ranson paid the ransom to the hackers?
-Ranson paid tens of thousands of euros after negotiating with the hackers. The decryption process involved additional steps, and the hackers themselves were eager to resolve the matter quickly as they had invested too much time.
What role does law enforcement play in cyberattacks?
-Reporting cyberattacks to the police is important, as it may help capture the responsible group and provide insights for preventing future attacks.