Internet

Can ransomware prevent it from entering the computer?

Deepak GuptaJuly 1, 2022
0

How a normal attack works

Generally, what ransomware does is infect our computer or NAS server, with the aim of encrypting all the files that are inside the different folders, with the aim of being able to pay the ransom through cryptocurrencies such as Bitcoin, among others. In this way, if we open a ransomware on our PC or they exploit a vulnerability and infect us, the encryption process will automatically begin for all the files, or only some of them.

The reason for encrypting only some is that ransomware does not usually encrypt the executable files or ISO images that we have, because this process takes longer than normal and the user could realize that something strange is happening. First, the ransomware starts with small files, such as office and PDF documents, photos, and also short videos, with the aim of doing us as much damage as possible.

The steps that any ransomware follows when infecting a PC are as follows:

  1. Infection of the PC through Phishing, due to the fact that we have entered websites of doubtful reputation and we have downloaded some file, etc.
  2. Once we run the ransomware on our PC, it will start the infection and encryption process. This process can take several hours, and we do not realize it unless we access a file that is being encrypted.
  3. It will leave us a TXT file indicating that we have been infected, and it will tell us the instructions to follow to recover the files if we pay the ransom.

As you can see, in a very short time after the infection, all our files will be encrypted and we will not be able to access them. For this reason, it is so important 3-2-1 backupsbecause they provide us with a very high level of information security, having several backups and stored in different locations.

Ransomware that locks your PC

There is a variant of this type of attack that is responsible for completely blocking your computer, with the aim that it does not even start, so you will not be able to use it. In these cases, we will have to pay to regain access to our computer. If we try to restart our computer, when we start it we will see a simple text note indicating that we have to pay the ransom to recover the computer, otherwise it will remain blocked.

This type of ransomware generally does not encrypt all the files on our PC, so we could access them through external methods such as connecting the hard drive to a dock and entering with another operating system, however, it is possible that it has affected you a ransom that does both: lock your PC screen and encrypt the files inside it.

VPN used for ransomware

When they carry out this type of attack on us, it is best to identify the type of ransomware that has infected us, in order to know if there is any way to delete it or recover our files. Depending on the type, we could recover all the information on our disks in a simple way, since there are programs that, if we run them, will take care of cleaning the threat and recovering them.

Of course, we will never recommend you to pay the ransom. Cyber ​​criminals often do not keep their promises, so we will not be able to decrypt our files even if we pay for it. The only thing we are going to do by paying the ransom is to give money to cybercriminals so that they continue to commit crimes and harm more people, so you should never pay for it.

What to do to not be a victim

In order not to be a victim of this type of attack, we must comply with four very basic security measures:

  • Do not click on any link or link that comes to us by email, have common sense and do not “sting” in the phishing trap.
  • Have the operating system updated with the latest security patches, and with an antivirus running.
  • Enable anti-ransomware protection in the operating system, Windows has a system that allows you to detect and stop processes that are making many changes to computer files.
  • Make backup copies following the 3-2-1 scheme to protect our most valuable files and folders.

With these four basic recommendations, you will be quite protected against this type of attack, and in the event of being infected, you will be able to recover everything thanks to the backups.

We have other articles that may interest you:
  1. Before sending a file over the Internet, do not make these mistakes
  2. Learn how to use Chrome’s security checker
  3. Advantages and disadvantages of IP cameras with recording in the Cloud
  4. Asuswrt-Merlin is already compatible with the ASUS GT-AXE11000 Wi-Fi 6E
  5. Does your WiFi malfunction sometimes? This is what happens
  6. When and why you shouldn’t connect to Wi-Fi
Deepak GuptaJuly 1, 2022
0

Related Articles

Is your Internet bad even if you use a WiFi repeater? Try this

October 9, 2023

Windows Defender is renewed to better protect users

November 2, 2021

Are you going to buy a WiFi amplifier? keep this in mind

April 27, 2022

5 essentials to have a good WiFi at home

June 28, 2023

Leave a Reply

Your email address will not be published. Required fields are marked *