What Are Ransomware, And Why They Attack Companies

It seems the plot of a modern “technological thriller” instead of what happened to JBS, a multinational American meat company, is a real news case involving the US government and the FBI and which ended with the payment of a ransom of $ 11 million. JBS is the largest meat processing company in the world, founded in Brazil in 1953, and currently has factories in 15 different countries. And its customers include McDonald’s fast food outlets.

It seems impossible that a multinational of this size could have been hacked. Yet, last June, the company was hit by a ransomware attack that made several servers inaccessible for days resulting in the closure of activities in Australia, Canada, and the United States. A production stoppage that, albeit brief, meant substantial economic losses for JBS which led the exponents of the company’s management areas, in disagreement with the FBI, to accept payment of the total amount of the ransom requested by the hacker group Russian Revil who claimed responsibility for the incident.

What Is Ransomware

Ransomware, just like the one that hit JBS, is a real threat to companies and individuals, so knowing what they are can help prevent critical situations. Ransomware belongs to the type of software defined as ” malicious,” specifically ransomware is extortion software (“ransom” in English means ransom). These malware (malicious software) limit the functions or access of the device they infect by requiring a fee to be paid to remove that limitation. Technically, ransomware is cryptographic software that makes specific resources temporarily unusable by encrypting files or blocking PC functions.

Following the installation of the software, you will see a warning appear proposing a cash offer in exchange for a password that can restore everything to normal. Usually, the required amount is in the tens of thousands of dollars up to millions, as happened at JBS. Two types are there. The first, the ransomware lockers, block the computer’s essential functions (for example, the mouse or keyboard may not work), allowing you to interact only with the window containing the ransom note but making the terminal unusable.

In this type of attack, the files are not hacked, as the purpose of the malware is only to block access to them. Crypto – ransomware, on the other hand, encrypts data (documents, photos, videos), making them inaccessible without interfering with the computer’s functionality. This type of ransomware is more aggressive and is often accompanied by a countdown at the end of which, if the requested payment is not made, the files will be permanently deleted.

How Do You Get “Infected” With Ransomware?

Ransomware spreads through user-installed files, usually those with the .exe extension. Once it enters the network, the virus can apply to all connected devices. The favorite distribution channel of ransomware is e-mail. Cybercriminals spread phishing campaigns that deceive users by forcing them to download and install software on their computers. Another method of infection prevalent since 2016 is ” malvertising ” (contraction of “malicious advertising” that is harmful advertising). Malvertising uses online advertisements by redirecting website users to illegitimate servers. These servers acquire data related to victims’ computers and their location, then select the most suitable ransomware to send to those people.

How To Defend Yourself From Ransomware Attacks

Ransomware poses a significant threat to home users and businesses in all its variants. Initially, ransomware mainly attacked individuals, but over time hackers realized that ransomware could do more by attacking companies and institutions, blocking their productivity, or threatening the irreversible loss of sensitive data. Regardless of the type of ransomware, the most effective way to protect yourself is to prevent an attack. Investing in IT security systems and backing up data regularly makes it possible to considerably limit the intensity of an attack.