What is ransomware?

Ransomware (‘ransom’ and ‘software’) is a malicious programme that usually reaches the intended recipient via an attachment or an attractive link, via email or instant messaging service. But the sophistication of cybercriminals means that there are also examples of ransomware via supposed system updates, supposedly trustworthy programs, or pages of uncertified origin.

How does it work?

• By infecting a particular user and, based on his or her permissions, it acts on the operating system and the network.
• It starts encrypting all or part of the files within the user’s reach and/or exploits unresolved vulnerabilities.
• It leaves devices that are currently connected via USB or network inaccessible.

Always follow these tips to avoid or minimise the effects of a ransomware attack

What to do if you are attacked?

The solution is to have a key that, of course, only the cybercriminal possesses. This is where blackmail and extortion come in: asking for a certain amount of money in exchange for the decryption key. The recommendation is not to pay in any case and to turn to professionals in the field.

If you are a victim of a ransomware attack, there are two basic precepts to follow scrupulously:

• Disconnect the computer from the network (uncheck the Wi-Fi option or remove the network cable).
• Do not delete any type of file or start any operation. In many cases as a result of ignorance, people try to fix the problem on their own which ends up complicating the recovery of the information even more.