In Latin America, it is estimated that, on average, 1,600 cyberattacks against companies occur every second. Globally, our region is the first place in incidence of corporate ransomware. One in four companies has been a victim of these attacks.

Ransomware is malware that aims to encrypt the victim's data so that it cannot be accessed and threatens to publish the victim's data or block access to the computer forever unless a payment is made. This commonly happens with extortion in the crypto market and is carried out using Trojans.

Other common ways to become a victim of ransomware are to visit a malicious website, open a malicious attachment, or download software with unwanted add-ons.

Ransomware in numbers

According to the Sophos “State of Ransomware 2023” study, conducted across 14 countries, the most common root cause of ransomware attacks was vulnerability exploitation (36%), followed by credential compromise (29%). .

The education sector was the most likely to suffer a ransomware attack in the last year: 80% of primary and secondary schools and 79% of higher education institutions were affected.

The media, entertainment and entertainment sector reported the highest percentage of attacks that were primarily caused by exploiting a vulnerability (55%). The central and federal governments recorded the highest percentage of attacks that began with compromised credentials (41%).

Organizations that use backups to recover their data recover from the attack much faster than those that pay the ransom. Most companies that used backups recovered within a week. Almost a third of those who paid the ransom took more than a month to recover.

Types of ransomware

More than 130 distinct and active ransomware families or variants have been identified, that is, unique strains of ransomware with their own code signatures and functions.

1. Locking ransomware affects basic computer functions.

2. Encryption or cryptographic ransomware, encrypts individual files.

They are divided into the following categories:

• Leakware/Doxware is ransomware that steals or exfiltrates sensitive data and threatens to publish it.

• Mobile ransomware includes all ransomware that affects mobile devices.

• Destructive wipers or ransomware threaten to destroy data if the ransom is not paid, except in cases where the ransomware destroys data even if the ransom is paid.

• Scareware is ransomware that attempts to scare users into paying a ransom. Scareware may present itself as a message from a law enforcement agency, accusing the victim of a crime and demanding a fine.

According to the IBM report, What is ransomware?, these are the most well-known ransomware variables in recent years:

Tipos de ransomware

The most important thing is prevention.

-Secure your information by making recurring backup copies.

-Avoid downloading files or software from unsafe or suspicious-looking sites.

-Update your operating system and antivirus.

-Protect your personal data, do not disclose it.

-Shield your IP address with a VPN when connecting to a public network.

At CyberLat we can put together a specific protection package for your budget and your organization. We are your best allies so that you can carry out a vulnerability assessment, ensure backup copies of your information in a safe and protected cloud, and train your employees to avoid being victims of credential theft. Making the requested payment is not the best option, it is likely that in addition to requesting a ransom in exchange for “freeing” your information, cybercriminals will also sell your information on the black market.

Investing in security represents savings. The average savings for large organizations that use AI and security automation extensively is $1.76 million compared to organizations that do not. Organizations can now be classified under two headings, those that have already been victims of a cyberattack and those that are going to be. Don't wait to take action, attacks like this can be very costly. Write to us, we can help you.