In terms of computer security, one of the big issues that has arisen in recent time is the concern about Ransomware, a class of malware that completely blocks a computer, asking the attacker for a sum of money to free it from this hijacking. .
An attack of this kind could literally ruin a company or business. The threat of Ransomware is a growing danger, given the expansion it has undergone in recent years. In the following lines, we will review its origins and some measures that can be taken in this regard.
How can your computer get infected with Ransomware?
It is important to note that nowadays, any device could be exposed to being infected with malware of this category, regardless of whether it is a mobile device or a desktop device. In the same way, a large part of the massive operating systems today are exposed, concentrating the attacks on computers with Windows, macOS, iOS and Android, given the scope they have.
The channels of infection are varied. They can range from the randomness of an ad with malicious content, those that often lead to the download of malware, to targeted attacks, channeled through spam via email or the distribution of false documents that appear to be legitimate and of interest to the victim.
What types of Ransomware are there?
Ransomware usually comes in three variants. The least fearsome is the scareware, which uses false security advertisements, pretending to come from a trusted source, such as a technical support channel or a fake antivirus. By means of a bombardment of pop-up messages, a special payment will be requested to eliminate the virus in question, something totally irregular, which is not a common practice among legitimate security solutions.
The next level of danger is a variant that does nothing but lock screen, displaying a message in full screen that pretends to be a security institution, or the police itself, denouncing alleged illegal activity from the equipment in question, demanding the payment of a fine to free itself from the blockade. In this case, this way of proceeding does not conform to a regular mechanism either, since legal actions in the event of virtual crimes are channeled only through formal processes.
Bad Rabbit, one example among many
The highest level of danger from being exposed to Ransomware is the possibility that it is encrypted storage of your team. The hijacking of the attacked device could be executed in a similar way to the previous case, but with the addition that your files will remain encrypted after the attack. Currently, there is no security software with the ability to nullify an attack of this magnitude, so the alternatives are reduced to giving up the information or making the requested payment to obtain an unlock key, assuming there are no guarantees. in the middle.
Why is Ransomware a major danger for businesses?
Behind malware like the one we are discussing here, there is the attackers looking for money.
It is not the same to attack a personal computer, with rates of use that border on the punctual, compared to the possibility of taking over a corporate team, with sensitive information that can not only compromise the work and responsibilities not only of a particular person , but rather of an entire entity. Clearly, the second option is more suited to the profile of these situations.
We have recently followed up on the Garmin case and the money they have had to incur to face an attack. Other companies such as Honda, Australian hospitals and even a hosting provider have made headlines for their exposure to similar cases.
Even Microsoft, several years after the end of support for Windows XP, was forced to release a new security update to address such a vulnerability.
A light ransomware could be eliminated by an antivirus software or, the data could be recovered looking for solutions outside the operating system, by means of a rescue disk, the use of a live Linux distribution or another similar alternative. However, since the danger could be of a greater scope, it is best to take steps to avoid exposure to Ransomware from the beginning.
In computing, as in many aspects of everyday life, security works best when applied with a preventive approach, rather than a reactive one.