
ITALIAN SUPERVISORY AUTHORITY: beware of ransomware, the program that takes your device hostage

The current health situation caused by COVID-19, which has people connecting online and using digital devices, appears to be accompanied by a dangerous “digital infection”, driven by hackers who spread “malware” for various illicit purposes. One of the most harmful and widespread of these activities is so-called ransomware.

  1. What is ransomware?

Ransomware is a malicious computer program (“malware”) that can infect a digital device (PC, tablet, smartphone, smart TV) and block access to all or some of its content (photos, videos, files, etc.) in order to demand a ransom for releasing it.

The payment demand, with instructions, usually appears in a window that opens automatically on the screen of the infected device. The user is told, in threatening terms, that he or she has a few hours or days to pay the ransom; otherwise, the content will remain blocked permanently.

There are two types of ransomware:

  • Cryptor (which encrypts the files on the device, making them inaccessible);
  • Blocker (which blocks access to the infected device).

  2. How does it spread?

Although in some (infrequent) cases ransomware can be installed on the device through sophisticated forms of computer attack (for example, remote control), this type of malicious software spreads through communications received by email, SMS or text messages that:

  • appear to come from known and trusted senders (for example express couriers, service providers, phone operators, public administrations, etc.) or from trusted people (colleagues, relatives);
  • contain attachments to be opened (often marked “urgent”) or links and banners to click on (to verify information or receive important notices), which are of course connected to malicious software.

In other cases, ransomware can be downloaded onto the device when the user:

  • clicks on banners or links on websites (the most used channel is websites for adults) or social networks;
  • browses websites created ad hoc or “compromised” by hackers so that they become a vehicle for ransomware.

Ransomware can also be spread by hackers through software and apps (games, PC utilities, fake antivirus programs) that are offered for free to attract users, entice them to download, and infect their devices.

It is important to remember that each infected device shall not infect others.

A ransomware attack can spread by exploiting, for example, synchronization between devices or sharing in cloud systems, or it can take the contact address book and use it to automatically send other people messages containing links and attachments that become a vehicle for the ransomware.

  3. How to protect yourself?

The first and most important defence is caution. Avoid opening messages that come from unknown senders or from parties with which we have no relationship (for example a phone operator of which we are not a customer, an express courier from which we are not expecting anything, etc.) and, in any case, if in doubt, do not click on suspicious banners or links and do not open attachments.

Even when messages come from known senders, it is good to take some precautions. For example:

  • do not open attachments with strange extensions (for example, attachments with the extension “exe” are at risk, because they can install apps on the device);
  • do not download software from suspicious websites (for example, those that offer for free products that are usually paid);
  • download apps and programs from official markets, where the operators carry out checks on products and where it is possible to read other users' comments, which may include warnings about potential risks;
  • if you are using a PC, you can hover your mouse over any links or advertising banners received by email or present on websites without opening them (so, at the bottom of the browser window, you can see the preview of the link to be opened and check whether it corresponds to the link that you see written in the message: if they do not match, there is obviously a risk).
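
The link check and the extension check from the list above, automated for an HTML message body, as an added example that is not part of the original advisory. The function names, the sample message and its host names are constructed for illustration, and the extension list holds only the “exe” that the advisory mentions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

RISKY_EXTENSIONS = (".exe",)  # the advisory names "exe"; extending this tuple is a local choice

class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    """Lower-cased hostname; tolerates link text written without a scheme."""
    url = url if "://" in url else "http://" + url
    return (urlsplit(url).hostname or "").lower().rstrip(".")

def mismatched_links(html):
    """Return (shown text, real target) where the text names a different host."""
    collector = AnchorCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        shown = re.search(r"(?:https?://)?(?:[\w-]+\.)+[a-z]{2,}\S*", text, re.I)
        if shown and host_of(shown.group(0)) != host_of(href):
            findings.append((text, href))
    return findings

def risky_attachments(filenames):
    """Return attachment names whose final extension is on the risky list."""
    return [n for n in filenames if n.strip().lower().endswith(RISKY_EXTENSIONS)]

# Constructed sample message body and attachment names (hypothetical, not from the advisory).
SAMPLE_HTML = """<p>Parcel on hold:
<a href="http://tracking.example.net/pay">www.courier.example.com/track</a></p>
<p><a href="https://www.courier.example.com/help">www.courier.example.com/help</a></p>
<p><a href="http://tracking.example.net/x">Click here</a></p>"""
SAMPLE_ATTACHMENTS = ["invoice.pdf", "invoice.pdf.exe", "photo.JPG"]
print(mismatched_links(SAMPLE_HTML), risky_attachments(SAMPLE_ATTACHMENTS))
```

A link whose visible text shows no address at all (the “Click here” case in the sample) cannot be judged by this comparison and still needs the manual hover check.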

It is also useful to:

  • install an antivirus with anti-malware extensions on all devices;
  • keep the operating system up to date, as well as the software and apps that are used most often;
  • use backup systems that save (even automatically) a copy of the data (free solutions are also available for all operating systems). With a proper backup, in case of need, you can restore the data contained in the device, at least up to the last save.

  4. How to get rid of ransomware?

Paying the ransom only appears to be the easiest solution. In addition to the economic damage, there is the risk of not receiving the unlock codes, or even of ending up on “lists of payers” potentially subject to periodic ransomware attacks.

The recommended solution is to contact specialized technicians able to unlock the device.

An effective alternative is to format the device, but in this case, in addition to deleting the malware, you lose all the data it contains. This is why it is essential (as suggested) to make periodic backups of your content (which is always good practice), so as not to lose it in case of accidents (e.g. damage to the device) or computer attacks that require restoration.

SOURCE: AUTORITA’ PER LA PROTEZIONE DEI DATI DELL’ITALIA – GPDP
