Despite the increasingly better protection of antivirus, ransomware infections have not only not stopped growing, but have skyrocketed by 700% in 2020 compared to 2019. For this reason, Comparitech has developed a curious map in which they show all the ransomware-related attacks that are taking place in real time around the world.
Ransomware began to skyrocket in popularity with hackers in the wake of the birth of cryptocurrencies, as they could anonymously demand ransoms and then move the money in a way that leaves no trace. Added to this is that, as soon as a vulnerability is discovered, there are faster mechanisms to exploit it before users patch it, since details are usually published weeks or months after the patch, and it is only necessary to see what changes does to locate the fault.
This map shows ransomware attacks
This interactive map created by Comparitech seeks to educate users to see the attacks that are taking place around the world in real time . The map is not 100% accurate, but it does allow you to see where large companies or countries affected by the attacks are located. Thus, even if it is not perfect, it achieves its goal: to raise awareness about the dangers of ransomware.
Many of these ransomware attacks are carried out with malware that is sold by subscription. With this, the creators are updating it with the latest vulnerabilities available to introduce it in computers that are not up to date with updates. Among them we find, for example, Ryuk, which has caused serious problems for several companies and institutions in Spain. There was also the recently disappeared REvil.
In Spain we can see several produced in the months of May and June , although the map does not specify in which city. The ranking is led by countries such as China and the United States, since they are the ones that receive the most attacks with this type of malware, which is very popular, especially in Russia.
It is important to have backups of our data
With this type of malware, attackers seek to obtain economic profit in the most comfortable and “safe” way for them, since they can collect it without leaving a trace. To encourage payment, they encrypt all the files on the computer that they manage to infect, and then request a ransom that has to be paid in cryptocurrencies such as Bitcoin. The most common is that attacks on individuals or small businesses by malware campaigns request hundreds of euros in cryptocurrencies. However, attacks directed at institutions or large companies can demand thousands and even millions of euros, as we have seen this year.
The best thing to do in these cases is to never pay the ransoms, since, if they are paid, the attackers will have incentives to continue carrying out attacks. In addition, nothing guarantees that the hacker will give you the encryption key for the files so that you can recover them, since even the email to send the proof that you have made the payment may have stopped working. Therefore, it is best to be proactive and have backup copies of our data outside the computer, whether on a NAS, a device disconnected from the computer or the Internet, or a copy in the cloud.