In the cybersecurity industry, ransomware attacks are at home, which is why it is important to know what it is and how to protect yourself.
The word ransomware literally translated from English means ‘ransom virus,’ and in fact this is exactly what happens: viruses and malware attack our devices and prevent them from being used. Everything can return to normal by paying a ransom.
Many companies end up in the crosshairs of these cyber attacks, and the denouement generally is a ransom or online dissemination of a portion of the data, often posted on the site of the cyber gang responsible for the attack.
But now let’s take a good look together at what ransomware attacks are, the types and how to defend against them.
What are ransomware attacks
The ransomware virus is a type of malware, and it is used to ‘infect’ a device (pc, tablet, smartphone, etc.) and make the files on it inaccessible, which is why it is in fact referred to as ransomware attacks.
The purpose is to extort money if the victim wants to regain ownership of his or her content, which, thanks to encryption, has become unusable.
And how does the redemption request take place?
Instead of our wallpaper, a notice appears on the device whose sender looks like a security organization (such as the police) and is asked for money to obtain a password that will release access to content, and increasingly the payment is made on the Dark Web. The amount of the ransom very often is high: in some cases it has reached millions of dollars and is demanded in cryptocurrencies; in 2021, for example, Acer, whose importance we all know in the IT sector, was asked for $50 million.
How Ransomware Attacks Work
A ransomware spreads through attacks of:
PHISHING: A form of solicitation in which information and data are stolen through a cyber scam. For computer security, it is one of the most notorious threats
CLICKJACKING Transparent pages that are placed on top of the actual page; the user unknowingly performs activities such as downloading files or sending information, while permuted keys are intercepted to obtain information such as banking credentials or documents.
Types of Ransomware
There are mainly three types of ransomware:
- CRYPTOR: It is activated when the user opens a file as an e-mail attachment that, however, has a virus inside. Thus every file on the pc is encrypted with ‘strange’ extensions such as .wcry or random characters.
- BLOCKER: The virus simulates blocking a computer or mobile device. The user will see a message with a request for payment.
- WIPER: whose purpose is to destroy data irreversibly
The 10 object lines most frequently used in attachments are: Request, Follow-up, Urgent/Important, Are you available?/Are you at your desk?, Payment status, Hello ,Buy, Invoice due, Direct deposit, Expenses, Payroll.
The brands primarily used instead are WhatsApp, Google, LinkedIn, Amazon, FedEx, Roblox, PayPal, and Apple. Facebook and Instagram.
How to defend against ransomware attacks
To protect against these attacks, it is necessary:
- be very careful before downloading and installing files on the pc; assess who the sender is and what kind of site we are surfing on
- Choose an antivirus with a dedicated anti-ransomware module
- we choose an e-mail client that has security modules
- Always update our operating system to the latest version
- we use a secure and up-to-date browser (Google Chrome)
Let us always remember that cybersecurity should not only be designed to protect large companies; Lecs devices are created precisely so that the data of small businesses and professionals are also properly protected.