Emotet rolled up; what can we learn?

In late January, Interpol put an end to the notorious virus network Emotet with Operation Ladybird. Emotet existed since 2014 and initially focused mainly on banks and other financial institutions. In 7 years, Emotet grew to become the largest cybercriminal network in the world. It is fascinating to see how well organized this network was, with almost mafia-like hierarchy, a roadmap and business model.

Cloud service

With hundreds of servers, Emotet operated as a kind of cloud service for all kinds of malware. Phishing mails were created to perfection. The computing power of all these servers was rented out to send malware such as viruses, trojan horses and ransomware. ‘Customers’ sent through the Emotet network, for example, emails with documents, including attachments, invoices, packing slips, information on COVID-19. If someone opens this mail and document, the virus settles into the network with all the consequences. Then this virus is going to permanently change itself à la corona, so that it is not recognized by virus scanners. Passwords are found out and sent back to the sender of the virus. The passwords are sold again through Emotet to large parties who are willing to pay a lot of money for them. And who have the knowledge to use the purchased passwords to take over an organization’s infrastructure and hold the data hostage.

Hijackers on the coast

Emotet’s story shows that a virus attack is almost impossible to prevent. Also because Emotet’s “good” example will undoubtedly be followed. Cybercriminals will always find their ways to unlock sensitive information. Just as in traffic you can never be sure you won’t have an accident, no matter how many precautions you take. Just as in a car an airbag is your ultimate protection in an accident, so is an airgap in protecting your data. We have covered this in detail in our previous blogs.

So

Emotet has been rolled up, but cybercriminal networks will always be there. Make sure you secure your data or backup somewhere no one else can access it. Neither do hackers. This is the only way to limit your data in the event of a cyber attack. With Silent Bricks, you can easily achieve such an airgap. Want to know more? We are happy to tell you all about it. Please contact us with no obligation at all!