Ransomware attacks on the rise in France

In 2020, ransomware cyberattacks - malware designed to extort money in exchange for unlocking a computer system or decrypting data - increased dramatically. Their number is set to double again in 2021.

Ransomware attacks set to explode in 2020

In 2020, these cyberattacks gave rise to 397 referrals to the Paris public prosecutor's office, an increase of 543% on 2019. According to specialists, ransomware cyberattacks could double again in 2021.

In 2017, the WannaCry ransomware was used to organize a global cyberattack, considered the largest ransomware cyberattack in Internet history. More than 300,000 computers were targeted, across more than 150 countries.

Numerous companies and administrations were affected, including Renault, Vodafone, the Russian Interior Ministry, FedEx, 50 hospitals of the National Health Service in the UK, and Deutsche Bahn, the German state-owned railway company.

According to the French National Agency for Information Systems Security (ANSSI), ransomware cyberattacks are highly profitable for hackers, which suggests that the number of such attacks will increase over the next few years.

Wavestone and Institut Montaigne have published a study revealing that all it takes is 150,000 euros over 3 months for hackers to collect between 500,000 and 1.5 million dollars, by attacking 20 major corporations.

Hackers do not act in isolation, but in a coordinated fashion within the cybercrime network. Several technical intermediaries are needed to operate, and an organization is set up to launder the dirty money extorted from the targets of these cyberattacks.

These ransom demands are all the more numerous because, on a national scale, the resources available to combat these cyberattacks are limited. In France, for example, there are just 10 police investigators and 3 specialized magistrates.

Insurers accused of encouraging these practices

On April 15, 2021, Johanna Brousse, the vice-prosecutor in charge of cybersecurity cases at the Paris public prosecutor's office, and Guillaume Poupard, the director of the Agence nationale de la sécurité des systèmes d'information, pointed the finger at insurers at a Senate hearing.

According to Johanna Brousse and Guillaume Poupard, to avoid having to pay compensation for data loss and damage, insurers are encouraging companies targeted by such cyberattacks to pay the sums demanded by the hackers. Responding to such ransom demands, however, would encourage cybercriminals to multiply the extortion.

This accusation has provoked a reaction from insurers, who deny that they systematically encourage payment of ransoms. For them, this is alast-resort solution, when encrypted data is essential, even vital, for companies.

What is ransomware?

Ransomware is malicious software designed to block access to a computer system, whether a smartphone or a computer, or to encrypt data.

Once these cyberattacks have been carried out, the hackers demand a ransom in exchange for the key to decrypt the data or unlock the device. Ransomware infects computers and smartphones using the same techniques as all computer viruses: it is usually hidden in a fraudulent e-mail attachment or corrupted link.

Once the machine is infected, the user no longer has access to it, or his data is rendered unreadable. The user is then informed of the amount claimed and the procedure to follow to pay the funds, sometimes by simple bank transfer, or by payment systems such as PayPal.

In most cases, once the money has been paid, the device is unlocked and the data decrypted, although there's no guarantee that the pirates won't up the ante. Hackers generally target companies, and the sums demanded can be colossal.