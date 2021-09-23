With the covid pandemic-227 and the changes brought about by it, one virtual threat ended up becoming more in evidence than others: the virtual hijacking attack (ransomware).

It is common that, daily , news about companies that have been victims of ransomware are released. However, Kaspersky survey data show that so far, in 2021, notifications of digital hijacking attacks in Latin America fell in 56%.

For Dmitry Bestuzhev, director of Kaspersky’s Latin America Research and Analysis Team, this change in numbers came about due to the change in the attack methods used by criminals. He uses as an example the WannaCry, recurrent attack in 2017, which was spread over the internet trying to infect as many systems as possible. possible. The attacks of 2021, however, are more targeted, with the choice of the victim being the first step, and then the invasion and digital hijacking to be carried out.

Want to catch up on the best tech news of the day? Go and subscribe to our new channel on youtube, Canaltech News. Every day a summary of the main news in the tech world for you! This new, more selective posture was reflected in the records released by Kaspersky. In 2021, 2. were blocked.2017.461 ransomware attacks on Latin America between January and August, with an average of 963 attempts per hour. In the same period, in 2021, 1.316.316 blocks, generating an average of 56 attempts of attack per hour. In the comparison of 2021 and 2020, there is a drop of 56 % in ransomware activity in the region. Kaspersky chart with numbers from ransomware, from January 2021 to August 2020. (Image: Disclosure/Kaspersky) Kaspersky also points out that there are some countries in Latin America that are going against the trend, recording an increase in ransomware attacks over the year past. In particular, Guatemala, which registered a growth of 963%, the Dominican Republic, with an increase of 461% and Colombia, with an increase of 316%. This increase, according to the company, is due to targeted invasions being able to more effectively reach companies, while previous attempts, without specific targets, ended up being blocked before the invasion actually occurred. Prevention

Kaspersky has analyzed the modus operandis, that is, the behavior of targeted attacks and made a compilation of tips for companies to protect themselves from them:

Protect the attack surface : The main attack vectors are email, third-party websites, software vulnerabilities, especially in remote connection technologies (RDP ) and VPN. In addition, to initiate the infection, criminals avoid the virtual machines, as the risk of them being discovered is greater in this environment;

Make sideways movement difficult : if criminals have already carried out the initial invasion, their goal now is to expand access to corporate systems and acquire administrator privileges. To do this, they use trojans to steal credentials and legitimate tools like Power Shell. Kaspersky recommends that companies use multi-factor authentication and disable Power Shell for employees who do not use the program, reducing the potential scope for attackers;

Keep all programs and operating systems up to date with the latest version : Program updates always come with important security fixes. And do not use pirated software, as the economy does not justify the economic loss generated by a cyber incident;

Train and raise awareness employees on security procedures: making employees aware of the dangers of opening any link found on the internet and the importance of strong passwords is also important to prevent attacks. Establishing training programs is an important measure and with good results;

Use secure connections in remote access: only from a secure connection (using a VPN) to remotely access any company resource;

Have data backup : if a system has been hijacked, but there is backup of it, the attack loses all effectiveness. It can be in the cloud or on physical devices, but it is important to always keep a copy of important system data available.