Recent data estimate that cyber-attacks have grown by 125% in Spain since 2020, approximately 40,000 per day. Cybercriminals focus mainly on businesses, governments and institutions. Their goal is to attack servers, applications and platforms in search of critical information that they can use for financial gain or other interests. Of all the different types of threats, ransomware was the leading one this past year, which is why it could be called the enemy of business.
What is Ransomware?
Ransomware is a type of malware (malicious program) that infects, blocks and hijacks the systems or files of a natural or legal person and prevents the user from accessing them; to regain access, the victim is told to pay a ransom that frees the data.
In its beginnings in the late 1980s, payment was required by post; nowadays bank transfers, credit cards and even cryptocurrencies are requested.
No one is exempt from this threat these days, and attacks are becoming increasingly massive and difficult to detect and intercept.
Types of Ransomware:
Various attacks have appeared over the history of ransomware, some of them quite well known and with repercussions for large corporations. When it comes to classifying them, two types are the most common:
- Encryption Ransomware: all data, documents, images and other elements on the device are encrypted and the user loses access to them. The basic functions of the device remain available, and a threat message warns that if the ransom is not paid within the stipulated time, all the blocked files will disappear.
- Blocking Ransomware: this type does not aim to delete data and files but to partially block the basic functions of the computer, leaving enough available for the user to interact with the cybercriminal and make the ransom payment.
Ransomware attack vectors:
There are many ransomware attack vectors, but the most used is undoubtedly malspam, or malicious spam.
- Malspam or malicious spam: these are e-mail messages that deliver malware through PDF files, Word documents, URLs to malicious websites, etc.
This method exploits social engineering to trick users into believing the email is legitimate and trustworthy, and into clicking on malicious links. In many cases the senders impersonate national institutions, banks, etc. In a personalised way, they request certain actions that at first sight may seem common and normal to the user who receives them.
- Adware: a method of distributing malware through online advertisements, without the need for user interaction. In many cases these advertisements are distributed on completely legal pages, but when the user clicks on them, the user is classified on malicious servers that detect all of the user's information and send the malware. During this whole process the user is not aware of what is happening, which is known as a “drive-by download attack”.