Ransomware is a plague. We advise on how to protect yourself and how to recover data in the event of an attack

Imagine that someone enters your home, closes all your valuables in an unopened safe, sets up your own access code and tells you to pay for it so that you can get inside and get back what is yours. Absurd? No - this is how Ransomware works.

Ransomware is nothing more or less than malicious software that blocks access to user data until it pays. In the least sophisticated form, blackmail software blocks the system. In the most - encrypts files, making access to them impossible without paying a "ransom".

Ransomware has a long history, but only in recent years has become a scourge

According to Wikipedia, the first program of this type was "AIDS", created in 1989 by Joseph Popp. "AIDS" hid files on the disk and encrypted their names, and displayed information about the expiration of the license to use certain files. In exchange for unblocking, the victim was asked for a ransom of $ 189.

Over the years 2000 'there were few attacks using blackmail software. The real "boom" of this nefarious solution occurred after 2013, with the growing popularity of CryptoLocker, using Bitcoin to obtain payments. Cryptocurrencies made the transactions impossible to trace, and thus also prevented the cybercriminals responsible for the attack using ransomware.

CryptoLocker has spread between users in a simple way - as an attachment added to the e-mails. According to Avast, over half a million machines fell during the 2013 and early 2014, while malware forced over 3 million. dollars. ransom.

However, the most serious - so far - example of ransomware is WannaCry , hailed by experts as the most dangerous malware in history. WannaCry also initially spread in the form of fake attachments in e-mail, as well as using the SMB protocol error in Windows to independently spread to subsequent devices.

Microsoft quickly patched the vulnerability in its operating systems, but with the general reluctance to update the operating system, it was not implemented quickly by users. As a result, WannaCry spread to over 250,000 in just four days. machines in 116 countries and over 150,000 Android devices.

WannaCry is also the first case of Ransomware, in which a lot of public institutions and companies suffered: the British health service suffered the most, the Frankfurt station, the police in YangCheng and the university in Milan paralyzed. Hundreds of companies have also lost money, from giants like Renault to small enterprises.

As the ransom demand was relatively low ($ 300-600), many users decided to pay.

QNAP TS-351 with snapshot mechanism allows you to defend against Ransomware attacks

The attack with the use of Petya software (or NotPetya) had even greater consequences, which occurred just after mastering the confusion associated with WannaCry. However, while WannaCry aimed primarily at ordinary users, Petya used errors related to the administration of company computers connected to the ActiveDirectory domain. As Maciek Gajewski explains :

It was enough to infect the company server itself so that the rest of the computers configured to fully trust it caught the infection. Including those with the latest updates for Windows from Microsoft.

Initially, the attack was targeted at companies and government institutions in Ukraine. Major sectors of the economy were affected, such as banking, aviation and energy. Government domains have ceased to operate. The deputy prime minister of Ukraine himself wrote that "the network lies".

The scale of the attack allowed presuming that the Russian secret services responsible for paralyzing Ukrainian institutions were responsible for it. Petya, however, quickly went beyond Ukraine itself - the victims were international companies from Russia (Rosneft fuel network), the United States (manufacturer of Merck medicines) and even Poland (Raben). The infrastructure of the Antonov aircraft manufacturer and the offices of the international legal corporation DLA Piper has been grounded.

The consequences of the attack were so serious that the Polish government convened the Crisis Management Team.

Ransomware is one of the most onerous forms of attack. How to defend against it?

Unfortunately, it is not easy. Of course, the first advice is always "think!" - do not open suspicious messages, attachments from emails of unknown origin and strange files allegedly sent by your friends. This is how the largest ransomware attacks in history have spread.

The second advice is "update the system. Always . "

Many users permanently postpone updating the software for later. Either from simple objection, or from unwillingness to change, or from fear of errors in the functioning of the system. However, it is better to spend a few days over with a software error than to install an important security patch that can save us from being infected with blackmailing software.

The third council is "backup, backup, backup" . The most important data should always have your backup, preferably in three places - the cloud, an external drive and (if possible) a disk located outside of your place of work / residence.

This is, of course, the basics that we should always use. In the case of ransomware attacks, however, they may turn out to be inadequate.

QNAP TS-351 with snapshot mechanism allows you to defend against Ransomware attacks

This is due to the fact that ransomware is able to encrypt not only computer disks, but also local network resources. Even if we have backup on a NAS, after encryption we lose access to it.

To this you must also admit that the forms of "approaching" users by cybercriminals are becoming more sophisticated. It is extremely difficult to distinguish a real message from a fake one, the more so that offenders get impersonation, for example, into banks and government institutions.

There are also attacks that are able to deceive security, using so-called "zero-day" mechanism, ie exploits used by cybercriminals before the software producer can issue an appropriate patch. In this situation, the user can not count on the chance to protect himself from the attack. He can only think about what to do when the attack takes place.

The most effective way to protect against the effects of a ransomware attack is the snapshot mechanism found in NASN's QNAP.

https://www.youtube.com/watch?v=tR5u94Z6lP8&feature=youtu.be

In contrast to the classic backup, which creates a copy of a given file, the snapshot mechanism records metadata of files, which allows you to save and restore different versions of the same file, folder, and even the entire volume.

So when it comes to attack with the use of blackmail software, it is possible to restore previous, uninfected versions of encrypted files. On a daily basis, the entire process is imperceptible to the user - once the mechanism of snapshots on QNAP network drives is running in the background, constantly making backup copies. The user does not have to remember anything.

However, when an attack occurs, it is very easy to regain access to the encrypted data.

QNAP TS-351 with snapshot mechanism allows you to defend against Ransomware attacks

How to recover data lost as a result of a ransomware attack?

QNAP provides a solution in a few trivial steps:

  • If you notice ransomware or a ransomware message, disconnect your computer from the Internet and the NAS. The NAS server itself is also worth disconnecting from the network to prevent the spread of malicious software.
  • Disconnected from the NAS network can be connected to the monitor, mouse and keyboard (if it has an HDMI output), or to the computer (making sure that it does not connect any infected folders shared with the server).
  • From the list of "snapshot manager" we choose a snapshot taken before the ransomware attack. We delete all files from the infected folder and then restore them using the snapshot.

Such restored files should appear in an unencrypted form.

QNAP TS-351 with snapshot mechanism allows you to defend against Ransomware attacks

It's better to pay yourself than to pay cyber criminals.

NAS servers are not the cheapest devices. It is understandable that many users are waving their hand at the potential benefits that they will potentially benefit from during a potential attack.

The problem is that the potential of the attack increases year by year, and the number of incidents using various types of ransomware has been reported in millions since 2013. Therefore, there is a good chance that our machine will fall victim to blackmail software.

So it's better to blow on cold. Show common sense, back up and regularly update the operating system and other software.

And if we keep important files and documents on the computer, the loss of which can cost us a lot of money, it is better to stock up on a NAS with snapshot support. It is better to spend money on a secure backup mechanism in advance than to be forced to demand a ransom.

* The material was created in cooperation with the QNAP company



Ransomware is a plague. We advise on how to protect yourself and how to recover data in the event of an attack

Comments

Post a Comment

Popular posts from this blog

What is VoLTE and how can you activate it on your Xiaomi

Image
In recent years, phone calls have evolved to achieve great sound quality. So much so that today we can find technologies such as VoLTE allowing us to make voice calls in high definition on our Xiaomi. Beyond the classic GSM networks, movistar, vodafone and other operators have integrated this technology, which in turn derives from the advantages of Internet access. Thanks to 4G or LTE networks, VoLTE allows us to make not only high-definition calls, but also to improve consumption and add other services . What is VoLTE and what are its advantages after activating it on a Xiaomi In detail, VoLTE is a technology capable of transmitting voice communications over the Internet . For this, whether we have a Redmi Note 8 Pro, a Xiaomi Mi A2 or any other smartphone from the firm, our voice will be encoded from analog to digital allowing its transmission in the form of packets through the network. With this, as we have already said, after activating VoLTE we will achieve higher sou
Read more

So you can check the battery status of your Xiaomi smartphone and how many cycles you have performed

Image
Today, our smartphone has become one of the most important tools in our day to day. That is why the duration of its battery and the state of it is very important if we want to be able to use it with total peace of mind and in a continuous way. In view of this, MIUI includes a secret menu that allows us to verify the state or health of the battery of our Xiaomi smartphone and also check the cycles that we have performed . Let's not forget that each cycle represents a full battery charge from 0% to 100% Since lithium batteries degrade with the passage of time , use and recharges that we have made, knowing these two data will give us a vision of the general state of your state and with it knowing if it has worsened considerably with the passage of weather. How to check the battery status and cycles performed on our Xiaomi smartphone To access this hidden menu in MIUI and check the battery status of our Xiaomi smartphone we will only have to perform the following steps:
Read more

How to exit the FASTBOOT mode of your Xiaomi if you have entered accidentally

Image
Although, the fastboot mode of Xiaomi phones with MIUI allows us to solve bugs or change ROMs, it is also common to enter without wanting to. If this has been your case, you most likely want to get out of Xiaomi's fastboot without spoiling anything. In general, leaving this mode that includes all Xiaomi, Redmi and POCO with MIUI is extremely simple. Even so, on certain occasions, exiting fastboot mode is more complex , either because Recovery starts or because our smartphone does not work correctly. In view of this, below we are going to explain how to exit the fastbook mode of your Xiaomi if you have entered without wanting to . In addition, if the conventional mode does not work, we will also give you other tips to exit this mode without causing any damage at the software level. How to exit Xiaomi fastboot If we have accidentally entered the Xiaomi fastboot , to exit this way we will only have to perform the following steps: Press and hold the power button for about 10
Read more

Does your Xiaomi charge slowly or intermittently? So you can fix it

Image
Does your Xiaomi charge very slowly or intermittently? This error is usually very common when our cable is in poor condition, we use a low-quality charger or even when the USB or USB Type-C port of your Xiaomi is dirty or obstructed. With a view to this, below we will explain the main steps or solutions to take if your Xiaomi charges slowly , if the charge is intermittent or if in the worst case, your mobile does not detect the USB that is connected to the socket electric. 1. Clean the USB port Although it may sound simple, in most cases slow charging problems are usually caused by a piece of paper or a speck of dust that obstructs the pins of the USB port . Taking into account the nature of this connector, it is normal that after repeated use dirt accumulates inside. A dirty USB C port is usually the main cause of slow or intermittent charging. To solve this charging problem and clean the USB C port of your Xiaomi, it is recommended to blow lightly inside the port itself.
Read more

Problems with Android Auto and your Xiaomi? So you can fix it

Image
Unfortunately Android Auto continues to present certain problems on some Xiaomi . Errors such as error 16 that prevent our smartphone from correctly linking to this Google vehicle system. Still, these bugs are largely solvable. And it is that, in most cases the impossibility of using Android Auto through our Xiaomi is given by the dual applications themselves. In view of this and taking as a source this interesting article from Mi Community , below we will explain how to solve two of the most common errors that we usually find when linking or connecting our Xiaomi to a car with Android Auto. Fix Android Auto error on Xiaomi devices One of the main errors of the type « An error has occurred » that we usually find when connecting Android Auto to our Xiaomi is related to Google Play Services . In itself, this error shows the message « It seems that Google Play Services does not work at the moment «, making it impossible to connect Android Auto to our Xiaomi. To solve it we j
Read more

If your Xiaomi disconnects only from the WiFi it may be because of that MIUI setting

Image
One of the most common problems in Xiaomi smartphones is usually related to the WiFi connection and its automatic disconnection . A quite annoying problem, which in most cases is usually caused by a bad MIUI configuration . If you have a Xiaomi, Redmi or POCO and you notice that sometimes your smartphone disconnects only from the WiFi without having taken any action, do not miss this article where we tell you how to solve it in most cases. Disconnection of WiFi on your Xiaomi, how to solve it Although it is true that the problem may be caused by some other failure, in most cases the spontaneous disconnection of the WiFi connection is caused by a bad MIUI configuration, specifically, its automatic connection to the networks with better signal . By having this option activated on our smartphone, if the WiFi signal drops at any time, it will automatically disconnect to use the data connection . To deactivate it enough to do the following steps: Go to Settings> WiFi> Wi-Fi
Read more

How to change the font in MIUI and thus further customize your Xiaomi: so you can change the type, color and size of the letters of MIUI

Image
Among the multiple options that MIUI offers us we find the possibility of changing the source of our Xiaomi . This option will not only allow us to change the font , but also change the font color and size . For this it is necessary to make use of some Asian region, be it India, Hong Kong or any other. In addition, it should be noted that this adjustment that allows us to change the source is only available for MIUI 9 , MIUI 10 and MIUI 11 , so if we have a Xiaomi Mi A2 or Xiaomi Mi A3 we will not be able to do it. How to change the font in MIUI To change the font in MIUI we must perform the following steps: Go to Settings> Additional settings> Region Next we select India or Hong Kong as a region. Go to the Themes application, download the font that we like the most from the new lower option that will appear with hundreds of fonts and then apply it. After applying it, it will be necessary to restart our Xiaomi mobile. Once done , we will have installed the ne
Read more

What is the Safe Mode of your Xiaomi, what is it for and how can you activate it

Image
In addition to the typical options that we find in the MIUI settings, Xiaomi also adds a mode called " Safe Mode " or " Safe Mode " to its smartphones. We will talk about this below, explaining its usefulness and how to activate or deactivate it on your Xiaomi, Redmi or POCO. Safe Mode allows us to start a special boot, loading only the system itself and the applications that were installed on our Xiaomi when we bought it. That is, starting the Safe Mode or Safe Mode our smartphone will start loading only the essential applications . This mode is a temporary state of our smartphone and does not make any important modification on the device. In itself, Safe Mode does not delete our data , it just starts our Xiaomi, loading the basics and essentials for its operation. Safe Mode only starts essential MIUI applications. Thanks to this, the Safe Mode will help us to rule out failures in our Xiaomi derived from the installation of an application or the modific
Read more

Improve and amplify the volume of your Xiaomi and / or headphones with these simple adjustments

Image
With the evolution of technology and the arrival of content on demand, many of us spend much of the day with our headphones on, playing music or watching series and movies. That is why many of you have asked us how to increase the volume of the headphones in Xiaomi smartphones or even how to improve the sound quality in Xiaomi AirDots or Redmi AirDots S wireless headphones. How to improve the sound and increase the volume of the headphones in MIUI of Xiaomi If what we want is to increase or amplify the volume of our headphones on a Xiaomi smartphone with MIUI we must perform the following steps: Go to Settings app> Region We will change our region to Andorra, India or any other country outside the EU. With this adjustment we will be able to "skip" the European restrictions that limit the sound volume, obtaining greater amplification , both in headphones, and through the speaker itself. Headphones with cable and jack connector Xiaomi Mi Hybrid Pro HD. In add
Read more

How to activate the second space if your Xiaomi does not have this option

Image
MIUI's Second Space functionality allows us to have two smartphones in one. A way to divide our Xiaomi into two different accounts , either for personal and work use, to perform tests or simply, to prevent our son or little brother from accessing our applications and documents. Unfortunately, terminals like the Redmi Note 10 lack this functionality . The same happens with other terminals of Xiaomi, Redmi and POCO of mid-range and entry. If we access the Settings, this functionality is not found among the various MIUI options . Even so, there is a little trick that allows us to access the Second Space functionality even if your Xiaomi does not have it . In this way we can create a second space without any type of restriction and in any Xiaomi, Redmi or POCO. Activate the second space on your Xiaomi If your Xiaomi, Redmi or POCO does not have the Second space functionality when accessing Settings> Special functions , do not worry, below we will explain how to use it with
Read more