A ‘rescue software’ or ‘ransomware’ is a malicious computer program that encrypts computer files and thus restricts access to certain parts of files of the system it infects. Victims are forced to pay a sum of money, often in the form of virtual currency (‘bitcoin’) to recover the use and control of their data.
Computers, tablets and mobile phones can be the target of these attacks, which are aimed at individuals as well as companies or institutions.
How does it work?
Hackers exploit Internet weaknesses to take control of computers. Consult an infected web page, open an attachment in an email, play a video file, system or program updates that seem in principle reliable are the doors through which this malicious software can infect a computer in seconds.
The ‘ransomware’ works like a Trojan or worm. What to do if you get ransomware? There is no viral load in the program until the ransomware is activated and encrypts the information and causes the entire operating system to block, although sometimes the virus can also spread without human intervention.
At that time, it launches a warning message with the threat and asks for a ransom to retrieve all the information ($ 300, in the case of the new massive cyber-attack). Often, the user must send an SMS to obtain an unlock code.
Is it a frequent type of attack?
Yes and the phenomenon continue to expand. Before the recent cyberattack, the WannaCry paralyzed some 300,000 computers in 150 countries.
According to the computer security company Kaspersky Lab, 62 new families of “ransomware” have been registered in the last year. And according to the McAfee Company, the number of cases detected has grown by 88% in 2016, reaching four million.
This is because the ‘ransomware’ is a high return investment for the cyber-criminal. Relatively small quantities are requested, but accumulated amounts to huge sums.
In addition, this type of malicious software is also easy to find, in the so-called dark Internet, where a private individual could buy his own ransomware virus for just 150 dollars.
How to protect yourself against cyberattack of a ‘ransomware’?
A few simple rules can be very useful to reduce the risks of infection of our private computers by such a cyber-attack.
Ransomware what to do? For starters, the periodic update of security and antivirus programs, which correct the vulnerabilities of our computers that take advantage of this type of virus.
In the case of being infected, the authorities and security software companies recommend that the ransom not be paid. The US Department of Homeland Security warns: “Paying does not guarantee that access to data will be restored.”
If our computer or device is blocked by one of these attacks, Josep Albors, head of research and awareness of the ESET cybersecurity laboratory, points out that you must remain calm and unless you are an expert you should not act on the hard disk, which should be put in the hands of specialists and not use repair tools if they are not mastered, as more damage can occur.
As general recommendations, it is still valid to protect your pc from ransomware, to keep the operating systems updated and to have backup copies of the most important material to be preserved.