By deceiving more than a hundred SMEs, the engineering school student raised between 1,000 and 1,500 euros a week.
The Paris Cybercrime Brigade has just arrested a 22-year-old hacker who has multiplied attacks on SMEs (SMEs). According to information fromEuropean 1, the investigation has been open since April last year, accusing the engineering school student of extortion in an organized gang and criminal conspiracy. Already known by the police for similar facts, the young man has been offering his services since 2019 on international hacker forums.
The principle is simple, it develops ransomware that other hackers use to attack small and medium sized companies’ computer systems. This collective function constitutesa new way of organizing cybercrime“, noticed at Figaro Mathis Hammel, specialist and sponsor of the Guardia Cybersecurity School: “Historically, all viruses evolved in their corner, today we are dealing with hackers who organize themselves into gangs. The hacker who developed the software collects the money from scams and redistributes it to his colleagues. It is a very lucrative business.»
For example, for the development of his software, the student hacker was paid between 1000 and 1500 euros per week. “It is generally young people who lack a framework and who want to prove things. But they could use their talents to work for the common good and earn higher wages legally.Says Mathis Hammel. In total, the 22-year-old swindled 150 SMEs, some of whom are French women among the victims.
More than every other small business is hit by a cyber attack
These SMEs are increasingly being affected by cyber attacks. In 2021, with EITs (medium-sized enterprises) and VSEs (very small enterprises), they represented 52% of ransomware victims (an increase of 53% compared to 2020), far ahead of local authorities (19%) and strategic companies (10%), according to the panorama from the National Agency for Information Systems Security (Anssi). “As large organizations improve their defenses, smaller organizations are increasingly targeted by hackers as they can be more easily reached“, Emphasizes Craig Dunn, Cyber Manager at insurance company Hiscox Europe.
According to Medef and the consulting firm BCG, small structures face a lack of knowledge about cyber attacks, in addition to an underutilization of aid and public initiatives launched by the state. “Despite their strengthening with the health crisis, 56% of companies say they are not aware of the help from the digital part of the recovery plan, and only 10% have benefited from assistance or support in this context (although 42% express a need for funding), ”Notes the press release. Among these aids is the Future Investment Program (PIA), the fourth part of which is endowed with 20 billion euros, intended to “long-term support for innovation in all its formsand accelerate the state’s cyber security strategy.
Expert Mathis Hammel recommends SMEs to “update their system very regularly“, of”perform backups on hard disks that are disconnected from servers“And if the company has the necessary resources,”perform audits with external companiesto identify potential errors. It also reminds that guides are made available to companies to begin protecting their computer systems.
ALSO SEE – The founder of “Hackers Without Borders”, Clément Domingo is at war in the face of an increase in cyber attacks