File encryption and ransom demands: how to protect yourself from this type of cyberattack


By CaPosts 08 May, 2020 - 02:02pm

Ransomware is a type of cybercrime in which data is hijacked by a malicious program that encrypts files, preventing the user from accessing their content.

To restore access to that hijacked, encrypted and inaccessible content, the cybercriminal demands that the user pay a ransom in cryptocurrency.

These attacks are particularly harmful for the user because the hijacked files may hold important content, such as a work project, an investment that has been worked on for years, or family photos and videos.

And if you don't have a backup of that information, you can lose years of material in a second. The type of ransomware that encrypts files is known as a file coder. But there are also types of ransomware that block access completely. These are the "lock screen" type.

Often these lock screens include an alleged message from the police informing the user that they must pay a fine because pirated software, pornographic material or signs of browsing illegal sites were found on their computer. These are generic accusations meant to cause panic, and the user, out of fear and doubt, may give in to the deception.

A screenshot of the message that was seen on the computers affected by the WannaCry ransomware (Photo: AP)

How it spreads

One method of propagation is through email attachments or links that arrive in a fraudulent message claiming to be sent by a bank or some other recognized entity.

On other occasions, the malware manages to infiltrate through a vulnerability in the operating system. This was the case with WannaCry, one of the largest cyberattacks in history, which came to light in 2017 and can still cause damage today if you don't have an updated operating system.

WannaCry used an exploit (a script that takes advantage of a vulnerability) known as EternalBlue, which was leaked by a group of hackers known as the Shadow Brokers. This exploit takes advantage of a vulnerability in the implementation of the Microsoft Server Message Block (SMB) protocol.

This error was corrected by a security update released for Windows on March 14, 2017 (security patch MS17-010), covering all versions of Windows that Microsoft was maintaining at the time.

But, for various reasons, many users (both home and corporate) had not updated their systems. So, two months later, the WannaCry attack managed to affect more than 230 thousand computers in 150 countries. Among those affected were governments and corporations. It was a major attack.

In 2019 there were also many incidents linked to the vulnerability known as BlueKeep. It acts similarly to WannaCry, and Microsoft released security patches, but even months after the update was released many users were affected because they had not installed it on their computers.

The ransomware today

So far this year there was a spike in ransomware cases in February, probably linked to the coronavirus, as explained by cybersecurity company Eset.

Coronavirus has been used especially as a hook for phishing, although it can also serve as a gateway for other malicious attacks, such as ransomware.

Added to this, as a result of the pandemic, telework has been implemented in all sectors able to virtualize their tasks, which means that more people are connecting from home. These are people who may not take basic precautions such as keeping their devices' operating system up to date, or who may unknowingly download an attachment containing malware or follow a link that redirects them to a fraudulent site, which can lead to the theft or hijacking of information.

How to recover your files

Paying the ransom is not recommended, for two main reasons: first, doing so encourages the growth of this form of cybercrime; second, nothing ensures that access to the affected device or files will be regained even when the ransom is paid. It's likely that the criminal will start demanding more and more money.

In a situation like this, it is best to file a complaint with the public prosecutor's office so that it can proceed with the investigation and recover, through SAmetic, the content concerned.

How to protect yourself

It is best to take precautions beforehand. As a first step, make sure that you always keep the operating system up to date.

How to update the operating system

For Windows, go to Settings/Update and Security/Windows Update. To configure updates, go to Advanced options and turn on the option to receive automatic updates.

In the case of macOS, go to System Preferences in the Apple menu (the one with the apple icon) and click Software Update to check for available updates. If any are available, click Update to install them.

To install updates automatically, select "Automatically keep my Mac up to date".

Other measures

Make periodic backups of your files. It is advisable to keep two backups: one in the cloud and one on an external disk that is not connected to the computer all the time, so that if the computer is damaged the disk holding the backup is not damaged as well.

Use a firewall and a security solution to protect computers from possible incidents.

In addition to these security measures, to avoid any type of cyberattack you should avoid connecting to public Wi-Fi networks, configure the home router securely, use a VPN to connect to the network, and use a second authentication factor on all platforms.

