* By Otto Pohlmann
The popular maxim “Safety is better than cure” can, and should, also be taken seriously in the online environment. After all, in post-pandemic times, with home office and process automation at the top of corporate strategies, investing in digital security has become a mandatory condition. The theft of confidential data from the company itself and from third parties, in addition to financial gains, are always in the sights of cybercriminals.
Faced with the growing scenario of hacker attacks in Brazil, cyber vulnerability is one of the main challenges for small, medium and large companies. To get an idea, just in terms of attack ransomware, the country today has at least 17 groups, according to a survey by Apura, a virtual security company. More than half of the virtual invasions promoted in Latin America by these collectives take place in Brazil. The survey shows data from the region collected over a period of 18 months, between January 2020 and July 2021.
ransomware is an extremely powerful computer virus. It is usually installed through suspicious links on websites, emails or even messaging apps. Upon entering the systems, the ransomware encrypts your files and blocks machine use. The objective is to demand the payment of a ransom for the kidnapping of the information, normally done with digital currencies so that the recovery happens through a password generated by the hacker. To make matters worse, these threats tend to be silent most of the time. That is, they only appear when a good part of the operation is already compromised, complicating the work of IT professionals in an attempt to reverse the situation.
Also according to the Apura report, attacks were identified that victimized 137 organizations in Latin America in the 18 months evaluated. Of this total, 71 attacks, that is, 51%, were in Brazil. Mexico, with 21 occurrences, is second on the list. Of the 20 countries in the region, there were cases in 11. The main targets were companies and institutions in the health area. Both in the country and in the region, the most active group in the period was the so-called Prometheus. According to the CEO of Apura, it is common for these collectives to constantly change their names, to mislead possible encryption solutions – in the case of Prometheus, it was also known as Spook.
The groups of ransomware detected in Brazil were: Avaddon, Conti, DarkSide, Egregor, Everest, LockBit, MAZE, Mount Locker, Nefilim, NetWalker, Prometheus, Pysa, RagnarLocker, Ragnarok, RansomEXX, Sekhmet and Sodinokibi (REvil).
Techniques to prevent any attack
Even in the face of so many invasion attempts in virtual environments, it is possible to adopt preventive measures to keep threats away from devices and servers. This is an initiative that requires a good deal of planning and teamwork, as a small slip can represent the gap that malicious programs need to carry out an infection.
Among the basic actions that must be adopted are: checking e-mail senders before opening or downloading attachments; avoid accessing suspicious or unknown source links; verify that the pages accessed on the internet have a security protocol; maintain a corporate antivirus with firewall and always up to date; perform constant and audited backups; develop an effective data access policy; and install only genuine software on company devices.
Only with a clear information security policy and accurate strategies is it possible to mitigate risks. Therefore, it is very important to find a suitable partner for this endeavor, capable of offering advice and the best solutions.
*Otto Pohlmann is CEO of Centric Solution
Notice: The opinion presented in this article is the responsibility of its author and not of ABES - Brazilian Association of Software Companies
EN 
PT 
