Emotet seems to be defeated - at least for now
In a joint action at the end of January, law enforcement
officers around the world struck a decisive blow against what is probably the most important botnet of recent years: Emotet. Authorities from the US,
Germany and several other European countries worked together to dismantle
Emotet's infrastructure. The investigators have gained control of most of
the criminal group's servers and were able to infiltrate and shut down the
infamous botnet. This is undoubtedly a significant victory in the fight
against one of the greatest current cybersecurity threats worldwide - but what
does it mean for the future of botnets and ransomware?
International Investigators Against Emotet
Emotet is an advanced and modular Trojan that can
self-propagate. In the past, it was used as a banking Trojan, but nowadays
it is best known for its ability to spread other malicious programs, thus
providing an infection vector for various malware campaigns. Phishing
e-mails with malicious attachments or links are usually used to attack victims'
computers. Behind Emotet, however, there is not only sophisticated
technology but also a very well organized criminal business model. Instead
of acting alone, the hackers responsible for the infamous botnet have
repeatedly formed partnerships with other criminal groups to
distribute malicious software (e.g. Trickbot and the ransomware Ryuk).
Europol confirmed that, in cooperation with the investigative authorities of various countries, not
least the German Federal Criminal Police Office (BKA), it
carried out an internationally coordinated operation to stop Emotet. According
to Holger Münch, President of the BKA, hundreds of international emergency
services were involved in the action. The investigators succeeded in
infiltrating a considerable part of the criminal networks by diverting data
traffic from infected computers to an infrastructure set up by the authorities. As
a result, Europol was finally able to take over the criminals' servers and
smash the infamous botnet.
The Fight Against Ransomware Continues
While this is good news in the fight against cybercrime, it is
only a temporary success. To prevent this type of cyber campaign
from gaining momentum again, two essential conditions must be met. First,
enterprise systems and networks must be protected from external threats by
implementing solid endpoint protection. This is the most important step in
preventing a device from becoming infected in the first place. Otherwise,
a single click can cause malware to spread across an organization's
network and cause immense damage. Second, lawmakers need to put
regulations in place for what motivates the bad guys and allows them to
continue their fraudulent practices with impunity: cryptocurrency. Bitcoin
and similar cryptocurrencies are the most common means of financing for hackers. Cybercriminals use cryptocurrency to demand their ransom payments because
it allows them to remain anonymous. Regulation through legislation is
the most efficient way of depriving hackers of their financial resources and
thus of their main motivation.
Conclusion
Emotet seems to be defeated - at least for now. But another group will most likely take the chance and try to fill that void. Ransomware will continue to be a problem as cybercriminals are constantly striving to improve their methods and technologies. The successful operation against Emotet is an important first step because both the botnet and those responsible for it have suffered a significant setback. However, this does not mean that the botnet threat has been eliminated for good. If companies continue to take cybersecurity lightly and governments fail to enact adequate laws to regulate cryptocurrency, the road to combating ransomware will be a rocky one. Before facing any consequence of an internet threat, adopt the best antivirus software.