Global blackmail virus events are breaking out , And gradually, the unit of measurement is week .

Local time 5 month 31 Japan , The world's largest meat supplier JBS openly , The company's servers were systematically attacked by hackers , Computer networks have been shut down in several branches around the world , Wholesale meat prices in the United States have risen . The global food supply chain, which has been hit by the epidemic, has become even worse .

Only three weeks ago , The largest product pipeline operator in the United States Colonial Pipeline Ransomware attacks ……

The workers stopped work and the factory stopped production , The global food supply chain is in turmoil

This time, it was attacked by hackers JBS The company is the world's largest meat processor , As report goes , The total value of meat exported by the company to the world last year 136 Billion dollars , China accounts for nearly one third of them .JBS It is also the largest meat processing enterprise in the world , Annual revenue exceeds 500 Billion dollars , In Fortune Global 500 Ranking No 191 position , In the world 20 Many countries have meat processing plants , There are as many employees worldwide 24 More than one .

JBS Global business layout , Let this network attack trigger the butterfly effect .

JBS Express , At present, the main affected markets are North America and Australia . As report goes ,JBS All beef factories in the United States were forced to shut down , According to industry estimates ,JBS Roughly controls the United States 20% Slaughtering capacity of cattle and pigs . The shutdown caused by the attack has had a significant impact on the U.S. meat market .

USDA data shows , Tuesday , U. S. Meat Processors slaughtered fewer cattle than last week 22%; The number of pigs slaughtered has decreased compared with last week 20%. in addition , Wholesale prices have also risen accordingly . And in Canada , There are also some. JBS Plant shutdown .JBS It is also the largest meat processor in Australia , Thousands of local employees have stopped work for two consecutive days on Monday and Tuesday .

Although there is no direct evidence that the incident was started by “ Blackmail virus ”, But according to the attacker's choice to attack the company's system over the weekend , It is likely to involve extortion software .

Similar incidents have been common in the first half of this year .《2021 Blackmail virus trend report and protection scheme suggestions in the first half of the year 》 It shows that , Even though 2021 Compared with the same period last year, the first half of , The attack posture of blackmail virus has decreased slightly , But extortion incidents are still frequent , only 2021 First quarter , There have been many cases of extortion of internationally renowned enterprises , And the ransom continues to set a new record .

Which industry will be targeted next ？

Perhaps no industry can ensure that it will survive the attack of blackmail virus . Observe from the security incidents that have occurred so far , Any person 、 organization 、 Almost all the agencies are within the range of blackmail virus .

From the initial mischief , Up to now, there have been frequent malicious attacks , Why can extortion virus be as “ Weeds, ” Strong vitality , Wanton growth ？《 The report 》 Also made a detailed explanation ：

First , Blackmail virus encryption means are complex , Decryption cost is high ; secondly , Use electronic money to pay ransom , Converted into cash quickly 、 Tracking is difficult ; Last , The emergence of blackmail software service , So that the attacker does not need any knowledge , As long as you pay a small amount of rent, you can carry out illegal activities of extorting software , Greatly reduce the threshold of blackmail software , Promoted the large-scale outbreak of extortion software .

According to the characteristics of extortion virus with high incidence in the market ,《 The report 》 The means of transmission of blackmail virus are divided into 6 A direction ： Weak password attack 、U Disk worm 、 Software supply chain attack 、 System / Software vulnerability 、“ No documents ” Attack technology 、RaaS. Extortion virus gangs use these means of transmission to invade the target system , Will use tools to upload the confidential data of the lost network to the server , Then blackmail .

With the continuous acceleration of global digitalization , More and more enterprises are moving their business to the cloud . Due to the high value of enterprise user data , However, many enterprises are not fully prepared for the cloud network security situation . So for some time to come , Targeted attacks against enterprise users , Will be one of the important targets of blackmail virus . And with the popularization of Technology 、 The maturity of blackmail virus industry chain , Viruses will also become more diverse 、 High frequency .

But there is a clear consensus that ： Bulk commodities and social infrastructure are the key targets of extortion virus . Li Tiejun, a network security expert at Tencent, said ,“ In the past two years , Through observation, we found that the target of network attack has become more and more clear , The enterprises that bear the brunt are those that hold a large amount of business data . Who has the higher value of data , The more vulnerable someone is to hackers .”

Whether to pay ransom , It should not be the only way to solve the problem

Because of the high cost of unlocking the encrypted file , So when blackmail happens , The only choice left to enterprises is to pay ransom or restore and rebuild .

Statistics display , Over the past few years , The total amount of ransoms paid for hacker attacks worldwide is rising , It soared significantly last year 311%, Close to the 3.5 Billion dollars . And more threats are hidden in 3.5 After $100 million ： The ransom payment cannot be decrypted 、 There is no guarantee that there are other vulnerabilities 、 raise the price at the transaction location ……

In the face of an endless stream of extortion viruses , Whether enterprise or individual users , Should pay attention to network security measures , Take precautions in advance . Tencent security suggests that enterprises should follow “ Three no three ” The principle is to build a defense system in advance .

besides , Targeted deployment of security measures is also a way to deal with . Enterprise users shall install and deploy terminal security management software throughout the network , It is recommended to use Tencent zero trust borderless access control system （iOA）; For some large and medium-sized enterprises , Tencent advanced threat detection system is recommended （NTA） Monitor intranet risks . meanwhile , Enterprise users can also subscribe to Tencent security threat intelligence products , Make all security devices in the whole network have the same threat discovery as Tencent security products 、 Defense and clearance capabilities .