Even more dangerous than Ransomware : Wipers

Backup :

Ransomware attacks are now frequent and increasingly aggressive, and they seem to have a bright future ahead of them. But a new threat has recently appeared : the Wipers. What is it and how can it be prevented ?

Locky, Cryptolocker, Wannacry, Petya, many ransomwares have made headlines in recent months. And the victims were numerous: many SMEs, but also world-renowned companies such as Renault, FedEX, the Russian banking system, universities and hospitals around the world. When an attack occurs, within a few hours a large number of companies are affected. And the modus operandi is always the same: a piece of malware which, once executed on your computer (via an attachment downloaded from an email) encrypts all your data and delivers the decryption key to you against payment of a ransom.

But recently, a new type of malware has appeared, the Wiper. And it is very difficult to detect, because it looks just like ransomware. However, if with a ransomware the goal is to get money out of you, the Wiper has a precise goal : to permanently destroy your data, with no way back.

If in the case of ransomware, paying the ransom could give you a chance to recover your data, in the case of a Wiper, it is totally useless.
Indeed, the sole purpose of a Wiper is pure and simple sabotage, as shown by the attack of 27 June 2017 with NotPetya, which is strongly suspected of being a Wiper :

– A unique identifier is normally displayed in the ransomware message which the victim must send to the hackers after making the payment in bitcoins. This identifier should allow the NotPetya authors to identify the victim. It should therefore contain information about the encryption keys used on the machine in question. But according to Kaspersky researchers, it turns out that this identifier is completely random. “Attackers cannot extract any decryption information from such a random sequence of characters,” according to Kaspersky researchers

– Security researcher Matt Suiche discovered that the data in the boot area is not saved anywhere, but simply replaced with something else. The disk file system would therefore be unrecoverable anyway. “The current version of Petya has been rewritten to be a wiper, not a ransomware,” says the expert.

So what do you do when you are faced with a threat that is motivated only by the desire to harm you ?

The only way to resist attacks from Ransomware or Wipers is to have a reliable backup.

All companies equipped with Beemo backup solutions were able to recover all their data !

Beemo backup solutions are particularly reliable against this type of attack due to the specific technologies used (secure backup box, Linux environment, etc.) and the high level of security guaranteed by a triple backup level :

– on a backup box placed within the company,
– in a first secure Beemo data center,
– in a second secure Beemo data center.

If you have any questions, please do not hesitate to contact our sales department.

Articles sur le même thème

Plus d'articles

Une question ? Un projet ?

N’hésitez pas à nous contacter !

0800 711 500

Contactez-nous