The different types of malicious code that surround us when we browse the Internet are increasing. At the same time, attackers innovate with new methods to get hold of our data and money, something we must face in our daily lives online. Next we will talk about one of the most feared malware formats, Ransomware.
Aside from the growth of the different security solutions that we can install on our computers, we must also do our part to avoid falling into the trap of malicious code. Little by little we are gaining more and more experience, but attackers are always one step ahead to deceive us.
There are all kinds of malicious software that can reach our computer, some completely harmless and others that will completely block the device. There are also those that only focus on showing us advertising, others that are based on stealing our access credentials and banking details, and there are simply annoying ones. However, in these same lines we are going to focus on one of the most feared and dangerous models there is, ransomware.
What is ransomware
The truth is that there are several reasons why this type of malware is so feared and dangerous. We must take into consideration that this is a type of malware that basically blocks the use of our stored personal data, and the computer as a whole. That is, if we suffer an attack through ransomware, it is possible that we will lose access to our computer. The worst thing about all this is that over the years this type of attacks has grown both in quantity and danger.
In recent years, it represents close to 20% of the total threats that reach end-user and business computers. To give us a better idea of ​​what this malicious code format represents, when it reaches our computer it blocks it and requests a ransom to regain control over it and the stored data. Needless to say, this can be a serious inconvenience both personally and professionally.
In most cases, the ransom is requested through the virtual currency Bitcoin, or others of the kind. But that is not the worst, since over the years the consequences of ransomware have become more dangerous for affected computers. We tell you all this because on many occasions they have evolved to provide threats of double and triple extortion.
These are the most common types of ransomware
At this point we will tell you that double extortion attacks add the threat of leaking blocked data through the Internet. At the same time, triple extortion attacks threaten to use all of this to attack clients and business partners in the case of a company.
There are several formats of this type of attack via ransomware, so below we will show some of the most common ones that have reached computers in recent years.
Scareware. We could say that this is the least dangerous format since it focuses on the appearance of fake security programs. We are also going to come across false offers of technical support that supposedly will help us solve problems with the equipment. One of the most common modus operandi is a message that informs us that malware has been detected on the PC and we will have to pay to get rid of it. Obviously all of this is false, but if we don’t pay we will continue to be bombarded with pop-up messages of this type.
Screen lockers. On the other hand, we find a more annoying and dangerous type of ransomware that focuses on locking the computer screen. As you can imagine, this prevents us from using our computer since when we turn it on, a window appears that occupies the entire screen and does not allow us to use the PC. On many occasions here we find a message supposedly from the FBI or the United States Department of Justice that tells us that illegal activities have been detected on the computer. Obviously they then ask us to pay a fine for these illegal activities.
Encryption type ransomware. And we are also going to talk about the most dangerous and feared format. When it reaches our computer, it hijacks and encrypts all the files stored on it and asks us for a certain payment so that we can decrypt them and use them again. We must take into consideration that we will hardly find any software or security solution that will solve this problem. In theory the only solution is to pay for the release to be carried out by the attackers themselves.
How does it reach our teams?
As with many other malicious code formats, there are several ways ransomware can reach our computer. On many occasions, malware can be embedded in our hard drive through a download of a malicious program that we carry out thinking that it is a legitimate application. Once we run it, we encounter the problem that we mentioned before.
Likewise, it may happen that we receive certain email messages that urge us to download some software to successfully carry out the attack. Likewise, it may be the case that we become victims without any fault. Attackers also tend to take advantage of different vulnerabilities in both the operating system and the installed software to send us this type of malicious code, among others.
Another of the most used methods is through credential theft, either on remote servers or local computers. From there they use this private data to access different platforms or even our computer and directly install the malicious software to send us the ransomware.
How to avoid ransomware or respond to an attack
As with many other types of malicious code that can stalk our computer and its data, we must be proactive here. First of all, we should not trust web pages that currently offer us more than paid for free or with an offer that is too exaggerated. We must also be wary of email messages that reach us from unknown channels or with unreliable attachments.
In addition, we must keep our operating system and its installed applications updated at all times. Not to mention the antivirus that we have on the computer, which should always be running and properly updated. These are basic tasks that we should take into consideration and that are increasingly common among most users.
But if we focus on this type of malicious code specifically, ransomware, in many cases keeping a backup copy of our operating system and all its data on an external drive will be of enormous help to us. This will allow us to restore it if our computer is blocked and they ask us for a ransom to recover it. In the event that it is too late and the malware has reached our computer, in practically all cases you should not pay the ransom.
It is unlikely that you will regain control over the computer even if you make the payment, and with that move all you do is strengthen the attackers’ strength.
