Ransomware attacks , in simple terms, involve the blocking of data and files and the demand for payment to restore access to those files and information. This virtual threat is a criminal practice that is becoming increasingly common and widespread throughout the world.
In other words, ransomware attacks are the digitalization of the crime of kidnapping , in which the hostage is virtual: the freedom to access data and files . That is, real people are prevented from accessing their digital assets on their own equipment, networks, and systems.
Indeed, ransomware attacks are real threats and a form of cybercrime that targets assets in the "virtual world," causing concern, especially for the primary targets of hackers: companies and governments .
Undoubtedly, the choice of companies and public authorities as targets for ransomware attacks is due to their ability to pay and the abundance of sensitive and confidential data in these sectors.
With the increasing number of attacks on systems and networks, maintaining internet security should be a daily concern for businesses and governments.
See which ransomware attacks were the most recent and widely discussed in Brazil
Probably the biggest and most talked-about ransomware attacks were against Lojas Renner , JBS , the National Treasury , and even, believe it or not, hospitals .
CNN's news program , on August 21, 2021, aired a good report about the incident that took down the Lojas Renner website, which had occurred and been reported two days earlier, on August 19, 2021.
In addition to the news, the report presented alarming data and information about ransomware attacks. According to CNN Brazil and its sources, the appetite and voracity of hackers grew during the pandemic .
Watch the video below and follow the full report. You will see that, among other figures, the amount demanded by cybercriminals and paid by companies to regain access to blocked data has increased by 82% , compared to 2020.
Evolution of techniques and values required in ransomware attacks
The news portal G1 also addressed the issue and published "Ransomware: understand how the virus is used in extortion and learn how to protect yourself ," authored by Victor Hugo Silva and Rafael Miotto.
The content consists of a short article and a video. It explains how a ransomware attack is used to extort money and cites the case of the world's largest meat processor, JBS .
In addition, among other information, it provides an interesting timeline of the evolution of techniques and the costs involved in ransomware attacks , which we reproduce below.
- 2009: Gpcode locked the computer and released an unlock key after the victim sent an SMS , which was charged to the phone bill by cybercriminals.
- 2013: CryptoLocker stood out by adopting bitcoin as a means of payment for ransoms between US$500 and US$1,000, and by achieving unbreakable cryptography.
- 2015: TeslaCrypt demanded a ransom to unlock game files.
- 2016: Petya acted directly on the hard drive, and not just on files , to prevent the system from booting.
- 2017: WannaCry charged $300 per victim and managed to collect $60,000.
- 2018: Systems in the city of Atlanta, in the United States, were affected by ransomware demanding US$50,000 in bitcoin.
- 2021: Part of a new wave of ransomware viruses that adopt specific strategies for each victim, Ryuk charges between US$600,000 and US$10 million to unlock access to systems .
- 2021: DarkSide charged US$5 million to unlock the Colonial Pipeline system.
- 2021: The REvil group was identified as responsible for the attack on JBS , which resulted in a ransom of US$11 million.
Before watching the video below, it's good to remember that, in order to avoid traceability , ransom payments for ransomware attacks are usually demanded in cryptocurrencies, mainly Bitcoin.
Above all, this method of extortion is imposed because deposits and payments made with cryptocurrencies are anonymous and impossible to trace . This facilitates and encourages ransomware attacks.
How to protect yourself from ransomware attacks and data hijacking?
This was precisely the topic of the article "Ransomware and data hijacking: how to protect yourself ," which Lumiun Tecnologia co-founder Heini Thomas Geib wrote for the Lumiun blog .
In an objective and didactic way, the article explains how ransomware attacks occur and, mainly, informs about the main preventive measures and how to proceed after files have been blocked .
Above all, it reinforces how " important it is to protect against ransomware attacks and, at the same time, be prepared for business continuity after an incident .
Knowing is key to better fighting
General Sun Tzu in The Art of War probably the best for confronting the virtual threat of ransomware attacks. Among them, we highlight three.
According to him, first, it is necessary to know the enemy in order to fight him . Then, once you know him, the important thing is to attack the enemy's strategy .
Just to illustrate, ransomware attacks are carried out by hackers who use software with malicious code to prevent access to data and information through encryption .
In fact, this modus operandi of the malicious code is what defines the two types of ransomware that exist. When it prevents access to equipment and devices, it is a locker crypto- type attack .
Once encrypted, files, hardware, networks, and systems containing this data and information can only be unlocked with a unique access key .
Thus, cybercriminals secure bargaining power over their victims. They are not only extorting individuals, but also companies and governments .
When a ransomware attack is launched, it system vulnerabilities infects devices through malicious links or files.
Prevention is better than cure
Undoubtedly, popular sayings have great appeal and foundation. In this sense, prevention is fundamental .
Without a doubt, when it comes to virtual threats and cybercrimes that jeopardize sensitive data on equipment, networks, and systems, the best practice and the best investment are prevention and avoidance .
In this sense, the third highlight of Sun Tzu's philosophy fits perfectly: defeating the enemy without having to "fight".
However, there are no guarantees in this type of situation. Especially since it's not always possible to reverse or recover all the data and files.
Ultimately, resigning yourself to paying a ransom to cybercriminals doesn't mean they will unlock your files or equipment .
Key precautions against ransomware attacks
Without a doubt, the two most effective verbs in relation to cyber threats are PREVENT and PROTECT !
Consequently, there are two main solutions against ransomware attacks. Firstly, the preventative one: controlling internet access . Secondly, the protective one: systematically performing backups .
The Lumiun Tecnologia has the know-how and technology to contribute to the prevention of ransomware attacks. Above all, because the internet access control solution is complete and effective in preventing the download of malicious software.
On a single cloud platform, Lumiun customers have Internet Access Control , Firewall , and Enterprise VPN . Much greater security and productivity for your company's internet.
Likewise, maximum attention must be paid to protection and backups! Ideally, a backup copy should be kept in a location separate from the original data source.
Other precautions against digital kidnappings
After the main precautions against ransomware attacks are implemented, other precautions against virtual kidnappings, even more basic ones, are necessary and always welcome.
In principle, these are basic questions and tips, ranging from user education to information security :
- Beware of fake emails and websites : users should be educated about their responsibility towards company data and information.
- Controlling internet access : defining which user groups will have access to which types of websites. Preventing the use of inappropriate, unsuitable, or harmful websites for work. This helps protect the network against phishing and the spread of malware, such as ransomware attacks.
- Antivirus : Good antivirus software is essential. It should always be up-to-date and configured to perform periodic scans.
- Software updates : keeping operating systems, software, and applications up-to-date prevents...
- Access permissions : it is important to have a well-defined policy on this topic. It is also necessary to check the level of access that each user or group of users needs in relation to files shared on the network.
- Administrative-level user accounts : Similarly, the widespread use of administrative-level user accounts should be avoided for harm reduction purposes.
Finally, internalizing the relevance of this topic within the organizational culture is mandatory. Above all, because prevention and protection against ransomware attacks need to be genuine .
