Ransomware attacks are, in a simplified way, the blocking of data and files and charging fees to regain access to your files and information. This virtual threat is an increasingly common and widespread criminal practice across the planet.
In other words, ransomware attacks are the digitalization of the crime of kidnapping , in which the hostage is virtual: freedom of access to data and files . That is, real people are prevented from accessing their digital assets on their own equipment, networks and systems.
In fact, ransomware attacks are real threats and a “virtual world” cybercrime that causes concern, mainly, to hackers' priority targets: companies and governments .
Without a doubt, the choice by companies and public authorities for ransomware attacks is due to the ability to pay and the abundance of sensitive and confidential data in these sectors.
With the growing number of attacks on systems and networks, maintaining internet security must be a concern in the daily lives of companies and governments.
See what were the most recent and talked about ransomware attacks in Brazil
Probably the biggest and most talked about ransomware attacks that occurred were on Lojas Renner , JBS , the National Treasury and, surprisingly, hospitals .
CNN Newspaper , on August 21, 2021, published a good report about the incident that took down the Lojas Renner website, which occurred and was reported two days earlier, on August 19, 2021.
In addition to the news, the report brought alarming data and information about ransomware attacks. According to CNN Brasil and its sources, hackers' appetite and voracity grew during the pandemic .
Watch the video below and follow the full report. You will see that, among other numbers, the amount demanded by cybercriminals and paid by companies to regain access to blocked data grew by 82% , compared to 2020.
Evolution of techniques and values required in ransomware attacks
The G1 portal also got into the subject and published Ransomware: understand how the virus is used in extortion and learn how to protect yourself , signed by Victor Hugo Silva and Rafael Miotto.
The content consists of a short article and a video. In this way, it explains how a ransomware attack is used to extort money and cites the case of the largest meat processor in the world, JBS .
Furthermore, among other information, it provides an interesting chronology of the evolution of techniques and values required in ransomware attacks , which we reproduce below.
- 2009: Gpcode locked the computer and released the unlock key after the victim sent an SMS , which was charged by cybercriminals to the phone bill.
- 2013: CryptoLocker stood out by adopting bitcoin as a means of paying ransoms between US$500 and US$1,000, and by achieving unbreakable encryption.
- 2015: TeslaCrypt charged ransom to release game files.
- 2016: Petya acted directly on the hard drive, and not just on the files , to prevent the system from starting.
- 2017: WannaCry charged US$300 per victim and raised US$60,000.
- 2018: Systems in the city of Atlanta, in the United States, were affected by ransomware that asked for US$50,000 in bitcoin.
- 2021: Part of a new wave of ransom viruses that adopt specific strategies for each victim, Ryuk charges between US$600,000 and US$10 million to grant access to systems .
- 2021: DarkSide charged US$5 million to release the Colonial Pipeline system.
- 2021: the REvil group was identified as responsible for the attack on JBS , which resulted in the ransom of US$11 million.
Before watching the video below, it is good to remember that, in order to avoid traceability , ransomware attack ransom payments are normally required in cryptocurrencies, mainly in Bitcoin.
Above all, this form of operationalization of extortion is imposed because deposits and payments made with cryptocurrencies are anonymous and impossible to track . Which facilitates and encourages the practice of ransomware attacks.
How to protect yourself from ransomware attacks and data hijacking?
This was exactly the theme of the article Ransomware and data hijacking: how to protect yourself , which the co-founder of Lumiun Tecnologia, Heini Thomas Geib, wrote for the lumiun blog .
In an objective and didactic way, the article explains how ransomware attacks occur and, mainly, informs about the main preventive measures and how to proceed after blocking files .
Above all, it reinforces how “ important it is to prevent ransomware attacks and, at the same time, be prepared to continue activities after an incident” .
Know to better fight
Probably, the teachings, guidelines and principles of General Sun Tzu , in the Art of War , are the best to face the virtual threat of ransomware attacks. Among them, we highlight three.
According to him, first, you need to know the enemy to fight him . Then, once you get to know him, the important thing is to attack the enemy's strategy .
Just to illustrate, ransomware attacks are carried out by hackers who use software with malicious code to prevent access to data and information through encryption .
In fact, this modus operandi of malicious code is what defines the two types of ransomware that exist. When it prevents access to equipment and devices, it is a locker attack . crypto attack .
Once the files, hardware, networks and systems they contain are encrypted, this data and information can only be unlocked using a unique access key .
Thus, cybercriminals guarantee bargaining power over victims. Not only from individuals, but they also manage to extort from companies and governments .
The moment a ransomware attack is launched, it system vulnerabilities infects devices through malicious links or files.
Prevention is better than cure
Undeniably, popular sayings have great appeal and foundation. In this sense, against harmful actions caused by ransomware attacks and other viruses and malware, prevention is essential .
Certainly, against virtual threats and cybercrimes that put sensitive data on equipment, networks and systems at risk, the best practice and the best investment is to prevent and avoid it .
In this sense, the third highlight of Sun Tzu's philosophy fits perfectly: defeating the enemy without having to “fight”.
However, there are no guarantees in this type of situation. Even more so because it is not always possible to reverse or recover all data and files.
After all, resigning yourself to paying a ransom to cybercriminals doesn't mean they'll unlock your files or equipment .
The main precautions against ransomware attacks
Without a doubt, the two most effective verbs in relation to virtual threats are PREVENT and PROTECT !
Consequently, there are two main solutions against ransomware attacks. Firstly, what it prevents: internet access control . Secondly, what protects: systematically carrying out backups .
The Lumiun Tecnologia has the know-how and technology to help prevent ransomware attacks. Above all, because the internet access control solution is complete and effective in preventing downloads of harmful software.
On a single cloud platform, Lumiun customers have Internet Access Control , Firewall and Business VPN . Much more security and productivity on your company's internet.
Likewise, maximum attention is needed to protection, backup! As an ideal strategy, the existence of a backup copy should be implemented in a location separate from the origin of the data.
Other precautions against digital kidnapping
After the main precautions against ransomware attacks are implemented. Other precautions against virtual kidnapping, even if more basic, are necessary and always welcome.
In principle, these are basic questions and tips, ranging from user education to information security :
- Beware of fake emails and websites : Users must be educated about the responsibility they have for the company's data and information.
- Internet access control : define which groups of users will have access to which types of websites. Avoid using inappropriate, inappropriate or harmful websites for work. This helps protect the network against phishing and the spread of malware, such as ransomware attacks.
- Antivirus : Good antivirus software is essential. It must always be updated and configured to perform periodic scans.
- Software updates : Keeping operating systems, software, and applications up to date prevents.
- Access permissions : it is important to have a well-defined policy on this topic. It is also necessary to check the level of access that each user or group of users needs in relation to files shared on the network.
- Administrative-level user accounts : Likewise, the widespread use of administrative-level user accounts for the purpose of harm reduction should be avoided.
Finally, internalizing the relevance of this topic in organizational culture is mandatory. Above all, because prevention and protection against ransomware attacks needs to be real .
