This 2020 that has just ended has definitely upset our digital habits, exposing us to significant additional digital attacks including ransomware that have undergone a significant increase . In fact, with the extension of digital work there has been a strong leap forward in technology in the home environment which, however, does not have the same levels of security as that in the office. In addition, the dramatic increase in ransomware attacks has created a very worrying scenario.
Ransomware: A Worrying Rise
The recent report just published by Fortinet analyzes the most prevalent types of attacks in 2020. Unfortunately, ransomware is becoming increasingly important: we had already talked about it also regarding the malware against Enel Group . This attack is extremely sneaky but once it gets into our systems it manages to encrypt them completely and threatens to delete the data (or stop giving us access) if we don't have the ransom. required. Unfortunately, even if we give in to the ransom, we may not always receive the key necessary to decrypt our data because the databases containing the keys are often shut down quickly so as not to be traced.
Apparently thinking of making money with some ransom seems absurd but the people who are willing to pay are many more than we can expect. Therefore, multiplying the sums obtained by a large number of encrypted devices (the attack is carried out on a large scale), huge gains are easily obtained without risking too much.
The most popular ransomware are Thanos, WastedLocker, TrickBot and the already well-known BazarLoader (or BazaLoader) we talked about during Valentine's Day. The sectors most affected range from healthcare, to public organizations as well as financial companies. The advice already known to protect us from these attacks always remain valid, such as paying close attention to the files you download from the Internet and not opening particular attachments or links from e-mails that arrive. Despite everything it is possible to come across these malware anyway and at this point it is not necessarily guaranteed that we will succeed in the enterprise of getting our data back. It will be difficult not to give in to the temptation to pay the ransom in order to get our system back.
The home office
The other interesting aspect of Fortinet's analysis is the focus on domestic workers. In fact, the pandemic has greatly favored the spread of smart working among companies, especially in the service sector, which required an enormous initial effort to address the technological shortcomings of Italian companies. To this we must add the difficulties of workers to combine work and private life by spending whole days in their own home. Being able to conquer the stronghold of corporate devices at home could be access to the corporate network, with a much wider impact.
The use of the VPN, in fact, is not always able to protect us but it guarantees us the safety from attacks through the network. However, we are not immune from attacks directed at the computer we work on which once compromised could lead the attacker straight into the corporate network. Prudence is a must but there are some simple rules that can help us not to put our company in difficulty. For example, never use the same passwords we use for personal services for corporate ones; do not use the company email in contexts other than work; finally, always report all e-mails that we do not expect.
In conclusion, 2020 caught us off guard because we were mostly unprepared to face the great digital revolution we have witnessed. This year we have the opportunity to strengthen our defenses but above all to be more careful and prudent in the use of digital tools. The digital world must be a help and not a danger, we can make it safe together, each one contributing with their responsible behavior.