Ataques Ransomware ¿El favorito de los cibercriminales?

Ransomware Attacks The favorite of cybercriminals?

por: MAU ZUBIllaga

What is Rasomware?

Focused primarily on extortion, the ransomware It is a type of malware that uses different techniques that execute malicious code, convincing users that it comes from a secure source. In this way it is introduced into computers and mobile devices, which manages to prevent access to information, encrypting all the documents on the device and requesting a ransom to make it accessible again. After the initial infection, the malware will attempt to spread to the rest of the involved systems within the network, including shared storage drives, service interruption, which could cause financial loss upon restoration.

Kinds of attack

Some of the ways where the user can be infected by this type of malware are the following:

Social engineering: Cybercriminals manage to persuade victims to take actions to violate network security or gain access to them. Some situations usually arise when downloading programs without knowing if there is spyware or malware within the program. Its main sources are:

E-mail The user is asked to download and execute an attached file. The contents of these emails usually include: some type of donation, collaborations with supposed “official” programs, notifications that we are waiting for package confirmation, sending documents or other types of messages to encourage downloading and execution.
Social Networks: Through advertisements, if the user does not realize that it is from a true company and does not verify that the official website where it directs them is correct, they can be deceived and also spread through contacts or direct messages from friends on these platforms or Live where the aim is to persuade the user to download to obtain a prize.
Downloads in websites It seeks to persuade the user through unofficial pirated software sites to direct them to infected websites and malvertising techniques where fake ads are embedded in legitimate websites.

Operating System Vulnerabilities: It is executed through an exploit (the key for them to access our system and then perform other malicious actions) to carry out a specific attack, run and remotely install malware to have control of the system.

Rise of Ransomware

Some of the popular ransomware are:

Lockdown Ransomware: This type of malware blocks the basic functions of the user's computer. It prevents access to your desktop, but you will still be able to interact with the criminal to pay the ransom, but it will be disabled.

Encryption Ransomware Its function is to encrypt your critical data (such as documents, photos or videos), but it does not affect the most basic functions of the computer. You can view the files, but not access them. They contain a countdown in their ransom demand; If you don't pay by the deadline, all your files will be deleted. Recommendation: Make several backup copies in the cloud as well as physical.

“According to MakeUseOf, There are several probable scenarios. Ransomware targeting vehicles is an option, as researchers have already shown that it is possible to hijack and take full control of a moving vehicle. Smart home technology, such as security cameras, locks and thermostats, is also a resource exposed to infection, since these systems require a Wi-Fi connection to function and the security of several of them is insufficient against brute force attacks. There is also a risk of ransomware targeting the medical sector, which may target devices such as pacemakers, implants, and medical monitors. The growing Internet of Things (IoT) offers a wide variety of connection possibilities and its security standards are poor.” (Kaspersky, s.f.)

bibliographic references

Cook, S. (16 de Enero de 2023). Estadísticas y datos sobre el ransomware de 2018 a 2022. Recuperado el 14 de Julio de 2023, de Comparitech: https://www.comparitech.com/es/antivirus/estadisticas-ransomware/
El aumento del ransomware: los ejemplos más representativos. (s.f.). Recuperado el 14 de Julio de 2023, de Kaspersky: https://latam.kaspersky.com/resource-center/threats/ransomware-threats-an-in-depth-guide
Qué es el ransomware y cómo recupero mi información. (16 de Abril de 2020). Recuperado el 14 de Julio de 2023, de INCIBE: https://www.incibe.es/empresas/blog/el-ransomware-y-recupero-mi-informacion
Ransomware: una guía de aproximación para el empresario. (20 de Abril de 2021). Recuperado el 14 de Julio de 2023, de INCIBE: https://www.incibe.es/empresas/guias/ransomware-guia-aproximacion-el-empresario
Trigo, S., Castellote, M., Podestá, A., Ruiz de Angeli, G., Lamperti, S., & Constanzo, B. (s.f.). Ransomware: seguridad, investigación y tareas forenses. Recuperado el 14 de Julio de 2023, de Universidad FASTA: http://redi.ufasta.edu.ar:8082/jspui/bitstream/123456789/1595/2/JAIIO%20SID%202017-2936-Ransomware-CR.pdf
Veloz, F. D., López, L. I., Valdivieso, Á. L., & Álvarez, M. B. (25 de Enero de 2019). Indicadores para la detección de ataques ransomware. Recuperado el 14 de Julio de 2023, de ProQuest: https://www.proquest.com/openview/841aa93ba3c3df451268e843ef187b70/1?pq-origsite=gscholar&cbl=1006393
No More Ransom: https://www.nomoreransom.org/es
2022, de https://www.bbva.com/es/compras-ciberseguras-mejor-moda-verano/
Editor| ESET. (2015, 3 agosto). Recuperado 30 de septiembre de 2022, de https://www.welivesecurity.com/la-es/2015/08/03/11-consejos-compras-online-seguras/

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.