October Cyber Security Report: A Rise in Ransomware Attacks

This post is also available in: עברית (Hebrew)

The ESET cyber security report for October reveals a troubling rise in the use of the Filecoder malware against small and medium businesses in Israel. The personal information of 5,000 Israelis was leaked online.

Source: ESET Virus Radar
Source: ESET Virus Radar

In October there was an unusual rise in activities involving the ransom malware known as Filecoder. According to the report the number of cases rose by more than 200% in Europe and the United States. Several Israeli companies, mostly small or medium businesses, were also victims.

Filecoder is considered more dangerous than common ransom malware, due to its high level of sophistication and the large number of its versions online. Filecoder usually encrypts photos, documents, music files and archives.

In order to decrypt the files private users have to pay 100-200 euros . There have been cases where hackers demanded 3,000 euros and more when breaking into organization network, because businesses can usually afford higher ransoms.

A few months ago it would have reached the headlines, but in October the event went relatively unnoticed. A group of Palestinian hackers known as “GaZa HaCHer” published the names, addresses, ID numbers and phone numbers of more than 5,000 Israelis. They claimed they did it out of boredom, although their exact methods are still unclear. This isn’t the first time that group of hackers published private information of Israelis online, it happened several times in the past.

IHLS – Israel Homeland Security

Did the Carmel Tunnels shutdown in September occur due to hacker attacks? That claim was made by a security expert in an interview given to the AP news agency. According to him the hackers managed to get a trojan into the system managing the tunnel security cameras, and caused massive traffic disruptions. According to the tunnels’ managing company, Carmelton, the shutdown was caused by a malfunction in an inner system component, and not by hackers.

This latest event joins another report from April, according to which Syrian hackers targeted Haifa’s water services’ networks.

The trojan malware known as Trojan Downloader wins first place for the month of October. The software secretly downloads malicious files onto the victims’ computers from a remote server. Second place goes to a virus utilizing I Frame technologies, redirecting users from legitimate websites to malicious ones. The virus known as Agent comes third, used by its creators to spy on others.

In order to avoid these threats operating systems and installed software must always be updated, applications and other software of unknown origin should be avoided, and the local antivirus software must be updated regularly.