{"id":6971,"date":"2022-01-13T09:17:25","date_gmt":"2022-01-13T08:17:25","guid":{"rendered":"https:\/\/immune.institute\/?p=6971"},"modified":"2022-01-13T09:17:25","modified_gmt":"2022-01-13T08:17:25","slug":"ataque-ransomware-que-es","status":"publish","type":"post","link":"https:\/\/immune.institute\/en\/blog\/ataque-ransomware-que-es\/","title":{"rendered":"Ransomware attack: what is it and how to protect yourself?"},"content":{"rendered":"

Data kidnappings are also a reality. <\/b>Individuals and companies are forced to pay (a grave error) to recover damaged files or equipment. A whole business from which hackers profit.<\/span><\/p>\n

\n

As we always say on this blog, IT security is fundamental. Therefore, we must be alert to cyberattacks.<\/span><\/p>\n<\/blockquote>\n

On this page, we explain more about \u201cransomware attacks: what they are and how to stay protected\u201d.<\/span><\/p>\n

Ransomware: what it is and how it works<\/span><\/h2>\n

A ransomware attack is a type of malware, in which <\/span>An attacker locks a device or files in exchange for money.<\/b>. The hacker requests a ransom so that the victim can regain access to their data.<\/span><\/p>\n

And to understand how a ransomware attack works, you need to know the following concepts.<\/span><\/p>\n

Exploits, social engineering, and phishing<\/span><\/h3>\n

To begin with, do you know what an exploit is?<\/span><\/p>\n

\n

An exploit is code or a program, designed by a cyber attacker, which serves to take advantage of a security vulnerability in a device, app or network; in order to use it for their benefit.<\/span><\/p>\n<\/blockquote>\n

To this action, we must add <\/span>Social engineering or manipulation<\/b> to carry out the cyber attack. A convincing message that makes us bite, like fish.<\/span><\/p>\n

Finally, the <\/span>Phishing<\/span><\/a> is the action which consists of a <\/span>link or attachment<\/b> (allegedly sent by a trusted contact) that when downloaded, the ransomware attack begins.<\/span><\/p>\n

4 types of ransomware attack<\/span><\/h3>\n

To answer the question of what ransomware is and how to stay protected, it's important to know the different types of ransomware that exist:<\/span><\/p>\n

1. Encryption ransomware or encryptors<\/span><\/h3>\n

This group is also known as \u201cfilecolders\u201d. <\/span>They are the most popular type of ransomware attack.\u00a0<\/b><\/p>\n

\n

This type of malicious software is responsible for blocking and encrypting specific files (databases, documents, reports, videos, etc.). Attackers use cryptography to prevent the user from accessing them.\u00a0<\/span><\/p>\n<\/blockquote>\n

In this way, the hacker gives the victim a deadline and demands payment in exchange for not damaging or destroying these files.<\/span><\/p>\n

How to know you are suffering a crypto-ransomware attack<\/b> The file extension will change and you will be unable to open it.<\/span><\/p>\n

Screen locker<\/span><\/h3>\n

Nowadays, screen lockers usually attack in <\/span>smartphones or tablets<\/b>. And as its name suggests, this ransomware or virus locks your device's screen.\u00a0<\/span><\/p>\n

\n

Specifically, it prevents access to your computer's interface without affecting files or the system. This way, you may possibly be able to recover the files from the device once it's deleted.\u00a0<\/span><\/p>\n<\/blockquote>\n

How does this type of ransomware work?<\/b> A lock screen appears which either displays a message with payment instructions, or the hacker impersonates a police institution, \u2018informing\u2019 the user that they have broken the law and thus must pay a fine.<\/span><\/p>\n

3. Scareware<\/span><\/h3>\n

They pose as fake antivirus software.<\/b> Hackers create alert messages, informing the victim of potential problems with their equipment.<\/span><\/p>\n

The user is pecking and, consequently, <\/span>pays for fake software that \u2013 on top of that \u2013 acts like malware<\/b>. So not only will they have paid in vain, but from then on the attacker will have access to the victim's personal information.\u00a0<\/span><\/p>\n

4. Doxware or doxing<\/span><\/h3>\n

Also known as leakware, this type of attack plays on the <\/span>The victim's personal files<\/b> (photographs, videos, credit card details...).<\/span><\/p>\n

A fake link or file is the key for these hackers to access that personal data. The attacker blackmails the victim with publishing said information.<\/span><\/p>\n

Identifying the type of ransomware is essential for protection.<\/span><\/h3>\n

Indeed, <\/span>to know what type of ransomware we are facing<\/b> This is fundamental to being able to eliminate it. This would, firstly, be one of the key points that all types of companies carry out in the face of cyberattacks.<\/span><\/p>\n

This is added to different <\/span>Information security methodologies or philosophies.<\/b> Examples of this? In the first area, the <\/span>Reversing the malware<\/span><\/a> (that in-depth study of a malicious software) and, on the other hand, there is <\/span>DevSecOps<\/span><\/a>. This software development philosophy advocates for the automation of security processes.<\/span><\/p>\n

Prevention is key in cybersecurity.<\/b> And companies know this. That's why these repeated actions are important:\u00a0<\/span><\/p>\n