Ransomware 🔴 Attack

Ransomware, is a type of malicious software (malware) qui prend en otage les données d’un utilisateur en les chiffrant. Les cybercriminels exigent ensuite le paiement d’une rançon pour fournir la clé de déchiffrement nécessaire à la récupération des données.

This type of threat has become one of the main concerns in terms of cyber security, affecting both individuals and businesses.

Ransomware is usually spread via malicious email attachments or compromised websites. Once activated, the software encrypts the user's files, making access impossible without the appropriate key.

There are several types of ransomware, including :

• Crypto-ransomware encrypts files and demands a ransom for the decryption key.
• Locker ransomware encryption: blocks access to the computer without encrypting the files.
• Double extortion ransomware encrypts and steals data, threatening to publish it if the ransom is not paid

Examples of ransomware

The best-known ransomwares include :

• CryptoLocker one of the first to demand a bitcoin ransom.
• WannaCry Windows: exploited a Windows vulnerability to infect more than 300,000 computers in 150 countries.
• Petya/NotPetya The "SARS" virus: blocks access to the entire system and has caused major disruptions in several companies around the world

Statistics on ransomware

In France

1. Prevalence of attacks In 2024, France recorded a high rate of ransomware attacks, with 86 % of IT decision-makers reporting that their company had been the victim of an attack, compared with 53 % in 2023.. This makes France one of the most targeted countries in the world.
2. Ransom payments Despite non-payment policies, 92 % of French companies affected by ransomware admitted having paid a ransom to recover their data, at an average cost of 653,000 euros.
3. Active groups The Lockbit group has been particularly active in France, claiming 13 attacks in the second quarter of 2024.. Other groups such as BlackCat and 8Base were also present, but to a lesser extent.
4. Sector impact SMEs are particularly hard hit, accounting for 60 % of attacks. The financial, banking and government sectors are frequently targeted, particularly hospitals that host sensitive health data..

In the world

1. Global volume of attacks In 2023, there was a significant increase in ransomware attacks, reaching a total of 5,070 incidents, an increase of more than 55 % compared with the previous year..
2. Countries most affected The United States remains the most targeted country, accounting for around 49.8 % of all global attacks in 2023. The UK and Canada follow in the overall ranking.
3. Recovery cost Ransomware: on a global scale, the average cost of recovering from a ransomware attack reached around $2.73 million in 2024.
4. Dominant groups : LockBit remained the most active ransomware group in 2023, with around 1,047 successful attacks. Other notable groups include ALPHV and Cl0p.