Ransomware is a type of software that intentionally executes malicious actions without the user’s knowledge, infecting devices and locking users out of their data or applications until those affected pay the ransom. It is currently one of the most dangerous, common and costly cyberattacks because attackers request large amounts of money to return access to information.

There are several ways a device can be infected, but the common one is through malware or attachments, which are usually sent via email. They are usually displayed as executable files and once the victim opens the email, the file starts its execution immediately.

Once the program has been run, the victim may be faced with the following scenarios: The files will be archived on the hard drive and a note will start to appear on the screen demanding payment of a sum of money to decrypt the files.

All system functions, such as Windows Task Manager, can also be disabled. Access to websites that could give you instructions or information on how to remove ransomware without paying the ransom will be blocked.

Most frequent ransomware

Among the most common ransomware, the following stand out the file encryption, which consists of encrypting the victim’s files and the cyberattacker requests a ransom to be able to decrypt them.

In the case of screen lockers a screen that blocks access to the computers or mobile phones of the victims is displayed, so they must pay a ransom to gain access to their devices.

Mobile ransomware is also common. This is a software that encrypt the files on the hard drive of a cell phone and until the user pays the amount demanded by the attacker can not access personal information.

Another type of ransomware is DDoS Ransomware, which doesn’t encrypt files, but uses a “botnet to bombard servers with so much traffic that they can’t respond.”

Ransomware as a service (RaaS) is also common, and has become a new form of business for cyber attackers, because this type of software “allows them to create their own ransomware and then use it themselves or sell it to other sites where they also they can carry out cyber attacks.

Measures to prevent cyberattacks

Companies, organizations and institutions that handle a lot of confidential information are the most likely to be victims of ransomware cyberattacks, but attacks on individuals have also been reported. As a prevention mechanism and to avoid becoming a martyr for cybercriminals, it is necessary to take certain measures:

• Make a backup of all files regularly, avoiding losing documents if they become encrypted with ransomware.
• Keep anti-virus software up to date.
• Change the passwords of important accounts regularly. A unique password for each of them is recommended.
• Do not share passwords or store them in easily accessible sites.
• Avoid opening emails from unknown people that contain attachments.
• Disable macros in Microsoft Office programs.
• Install security software that makes it easier to protect your computer equipment from ransomware attacks.

M. Rodríguez

Source: tekcrispy.com

La entrada Protection measures for cyberattacks with ransomware apareció primero en Bitfinance.