Cyber attacks, new act. In recent days the attacks of Wiper, powerful viruses that destroy computer data, have been reinforced in the context of the war in Ukraine. With in particular the famous Hermetic WiperAccording to Maxime Alay-Eddine, vice-president of the HexaTrust group and CEO of Cyberwatch*, French companies could also suffer the effects, either through targeted attacks or through rebound effects. For 20 minutesit details the effects of wipers and the protections to be put in place.
What is a wiper?
A Wiper, from the verb “to wipe” in English (sweep, wipe, scrape ..) will effectively sweep everything in its path. “This is a malicious product that will be used to render data unusable,” says Maxime Alay-Eddine, CEO of Cyberwatch, “Unlike a ransomware which renders them unusable only while a ransom is paid, the Wiper simply destroys them. They are screwed. By making data unavailable, it prevents information systems from functioning, and therefore organizations. One can imagine the consequences for an administration or a hospital.
The specialist specifies that the Wiper threat is both “persistent and advanced”.
“Persistent” because the Wiper can be a dormant virus, implanted for years in the information system, silently. “Advanced” because it will be activated by a human influence at the time chosen by it.
A Wiper can hide another cyber threat
Computer attacks are not necessarily a single virus. “This type of malware can also be used to divert attention. When we realize that a computer system is no longer working because of a wiper, we concentrate our forces on it. During this time, cybercriminals can trigger other attacks,” emphasizes Maxime Alay-Eddine. Currently, wipers are used in the war in Ukraine. This is the case of the malware called the Hermetic Wiper. “But it’s not the first time. A few years ago, Ukrainian organizations had already been affected, with collateral damage as far away as France, because of the NotPetya software which had affected the Saint-Gobain group (in June 2017). »
Is Russia behind the Wiper attacks?
Russia has developed expertise in cyber threats and Russian hackers are also talking about them. But “it is very difficult to accuse an institution, to say that it was Russia that attacked and is attacking today, explains Maxime Alay-Eddine, the fact remains that the cybersecurity company Eset has found new malware type wipers that are attacking Ukraine right now. “. It was only hours before Russia’s invasion of Ukraine that a cyberattack targeted Ukrainian organizations with HermeticWiper. On February 24, a second attack took place. The target was a government network and the Wiper involved was codenamed IsaacWiper. So many threatening viruses that can spread. Western countries take these threats seriously and companies are raising the level of security. “In France we can suffer targeted attacks or rebounds with uncontrollable effects, continues Maxime Alay-Eddine, in the event of aggravation, we would be in a kind of cyber emergency. Microsoft has announced that it has spotted HermeticWiper in Moselle. With several variants making it difficult to detect.
Can individuals be affected by Wipers?
Yes, even if they are not specifically targeted. “The individual does not interest pirates who seek economic profitability, details the specialist. Wiper-type attacks have more interest in targeting companies with homogeneous computer parks. If a hacker compromises a single computer, he can infect the entire system. »
How to protect yourself?
Maxime Alay-Heddine recommends regularly checking the ANSIL site, which lists security alerts.
National Information Systems Security Agency.
Companies should favor backups in offline mode because it is more difficult for the hacker to trigger the virus on them. “They must also monitor abnormal elements of the functioning of the network such as detecting requests that would go to surprising countries, with which the company is not supposed to have exchanges. »
For individuals, it is imperative to apply security updates to their system. Windows does this every month. On Mac OS, do not click on “Later”, when an update is offered! Safety doesn’t wait.
*Cyberwatch is a French company that helps companies and organizations detect, prioritize and correct their vulnerabilities.
Source: 20minutes
