WHAT IS RANSOMWARE?
He ransomware It is a malicious program that prevents access to certain parts or files of the infected system and demands a ransom in exchange for removing this restriction. Through the ransomware, The cybercriminal has the ability to encrypt the files on the infected computer, taking away the user's control over all stored data information.
This is a malicious virus that demands a ransom from the user, whose computer is infected and who has been the victim of a cyberattack, to pay a ransom through bitcoins, that is, virtual currency.
He ransomware It disguises itself within a file or program, so that the user clicks, for example through an attractive email or through videos from pages of dubious origin or in updates of reliable systems and programs, in which they can also act.
It is a malicious and intelligent virus, so it is not easy to attack, but it can be avoided by following a series of guidelines such as:
- Update your operating system to avoid security vulnerabilities
- Install a good antivirus and keep it updated.
- Do not open emails or files from people or companies we do not know.
- Avoid browsing unreliable websites or websites with unverified content.
- Always keep an up-to-date backup to avoid losing all your information.
Generally, a ransomware It spreads like a worm or a Trojan horse, infecting the user's operating system through a download or by exploiting a software vulnerability. Once it gains entry, the ransomware It starts and encrypts the user's files with a key, which only the creator of the ransomware, so that the user can claim that key in order to recover all their files, which they will only be able to obtain through a ransom, usually paid with virtual currency, also called bitcoin.
In other words, once the system is infected, the virus contacts a central server to obtain the information it needs to activate and demand a ransom. It encrypts the contents of the user's hard drive and provides instructions for making the virtual payment. It typically threatens the user with a deadline before permanently deleting the files or increasing the ransom price.
He ransomware It affects all types of systems: Windows, Mac and Linux, and it tends to target companies more than individuals, considering that they can assume a greater economic benefit when they demand a ransom from the victim in question.
When you suffer a cyberattack, you can try to recover the data that is now encrypted, through Incibe (National Cybersecurity Institute of Spain) via the CERTSI Security and Industry, which offers a free service for analyzing and decrypting files affected by ransomware.
Incibe recommends not paying the ransom demanded by the ransomware to recover your files, because there are no reliable guarantees that this promise will be kept. Furthermore, by exploiting the victim's vulnerability, the cybercriminal can launch further attacks. ransomware subsequently.
On the other hand, it's helpful to know how to disinfect your computer. In addition to using high-quality antivirus software, it's essential to create a backup of your hard drives and the most important files, depending on the significance of the affected data. Cloning the files will facilitate reporting the incident, and there may be a tool available to decrypt them in the future.
Hackers use this technique to lock a device and demand a ransom from the victim in exchange for restoring access. These attacks... ransomware The most popular and, in turn, most dangerous have been WannaCry, Petya, Cerber, Cryptolocker and Locky.
