Ransomware is a type of malware that encrypts the data of the infected device. Once it is enabled, it requests a financial ransom with the promise of returning you control over your computer and the password to decrypt your information.

This digital threat affects individual users, companies, governments and even critical services such as hospitals or power stations. For this reason, it is highly important that you have a better understanding of it and learn to identify and prevent it.

What ransomware is and how it works

Ransomware causes your device to be blocked, encrypting the information and spreading quickly through other systems that may be connected to it. Then, it shows you a warning screen that informs you that your computer and the information it contains is being encrypted and held by the cybercriminal.

Your equipment and the data it contains have been kidnapped.

Some ransomware shows you the amount you must pay and the payment method in the same message, usually using cryptocurrency like bitcoin; others will show you an email address so that you can contact the perpetrators of the crime.

These assure you that they will give you the password to decrypt your data and regain control of your computer if you pay the amount agreed within a time limit, although there are never any guarantees that they will comply with the deal.



How you can become infected with ransomware

  • Phishing campaigns: malicious emails are one of the most commonly used ways of attack to insert ransomware and other types of malware into your computer. Thanks to their effectiveness, cybercriminals continue to doctor this type of scam increasingly to trick us more easily.
  • Currently, we have detected emails that, by impersonating a known sender, send you an encrypted ZIP attachment. The body of the message informs you of the password to decrypt the attachment and decompress the malicious file it contains. If the file is opened, it will infect the device if the device's anti-malware does not detect it.
  • Malicious or compromised websites: they are usually websites for illegally downloading films, pornographic content or video games. When you interact with these deceiving websites, you are redirected to another compromised page that infects your computer with ransomware or another type of malware.

Cómo puedes protegerte de un ransomware

  • Learn to detect phishing emails: you must always apply a series of steps before trusting an email's legitimacy. These are some tips you should follow: always use your common sense, check that the sender is legitimate, assess where the email URLs are going, check the coherence of the content and the way in which it is communicated, in addition to other security steps that will help you to detect whether the email may be malicious
  • Keep your operating system and applications updated: you must regularly check whether new versions or updates are available on your system and permit them to run automatically on your computer, since they will help you protect your computer from multiple threats.
  • Use an updated antivirus: although no antivirus guarantees you total security, they are indispensable when it comes to protecting your computer. They can analyse files, protect you from malicious web addresses and emails that may contain viruses, as well as help you to keep yourself safe from many other online threats.
  • Make backups: a ransomware infection's chief threat is the loss of your data; therefore, it is essential to regularly make a backup of the most important information on different devices or media.
  • In the event of an infection, call 017: the Cybersecurity Helpline run by INCIBE, Spain's National Cybersecurity Institute. If you are subject to a cybersecurity incident, such as a ransomware infection, INCIBE-CERT provides you—as a citizen or company—with its technological and coordinating capacity to help you via its incident response service.
  • Do not trust unknown external devices: they can be cybercriminal traps to insert malware into your computer. Therefore, never connect USB devices if you are not aware of their source.

Bear in mind that most ransomware infections occur through social engineering attacks. In other words, those in which cybercriminals try to trick you into clicking where you should not.

Therefore, it is essential that you stay alert and informed of any new threats that may arise on the network. Increasing cybersecurity awareness is one of the best measures to prevent against cyberattacks.