.JPG)
Brazilian news sites have recently disclosed the dissemination of malicious code, the 🇧🇷Bad Rabbit'. He would hijack computer files and demand a ransom of 0.05 Bitcoin – about R$ 1 thousand – to release the information again. The virus attacked the computer through a fake program update file adobe flash player, widely used in news portals. Most of the affected computers belong to companies and institutions in Russia, Turkey, Ukraine and Germany. Everything leads to think that the idea of the creators of the 'Bad Rabbit' was to repeat the “success” of the attacks carried out by WannaCry and Petya earlier this year.
Several alerts have been released regarding attacks of the ramsoware type, which are growing all over the world. Last year, cybercrime caused more than $5 billion in damage worldwide, according to an estimate by consultancy Cybersecurity Ventures.
So we interviewed experts who provided key guidance for preventing similar attacks in the future, at home and in the enterprise:
1 – Integrated Security Platform
Rodrigo Salvo, who develops security strategies at the integrator Teltec Solutions, highlights the need to adopt Integrated Security Platforms and cloud computing (cloud computing) that can act at all points of infection, whether at the perimeter of a network, accessing it, servers and user devices. These sensors together can correlate events together with a Global Threat Intelligence Cloud, which have the ability to give quick protection and prevent security incidents. “Some clouds analyze 1.5 million malware samples, 600 billion email messages and 16 billion address translation (DNS) requests a day,” he says.
The adoption of Integrated Security Platforms also allows protection against malicious events, intercepting the threat before, during and after an attack in an automated way with the network infrastructure. In the case of a security incident in another country, the expert says that all sensors can protect the environment in a few minutes, regardless of how far they are from the place where the attacks took place.
2 – Team orientation
For Cassio Brodbeck, CEO of OSTEC Business Security and specialist in corporate virtual security, the human side is the weakest link in incidents like this and therefore needs greater attention, especially in the case of companies that do not have a robust security policy. safety. 🇧🇷No matter how many resources your company has, keep your team always guided by good information security practices and use of resources. Training with a preventive approach and constant recycling are essential", he explains. He also emphasizes the importance of carrying out the distribution of informative and educational materials as a simple alternative to help managers guide their employees.
3 – Accessible and quality connections
However, information security can only go one step further if we step back and take a closer look at the process itself. Emanoel Monster, Cianet's security consultant, argues that “it's no use protecting just the edge if the system is infected. It is necessary to ensure that software and operating systems already offer the minimum of protection against infections”. In order for computers to support the new “weight” of these solutions with more built-in functionality, investment must also be made in internet networks, improving connection at low cost as a way of encouraging everyone to have access to the latest versions of programs and, consequently, , the security.
4 – Website security
Most scams are linked to invasions or data hijacking, which can affect not only large corporations, but anyone who has a website. “One of the resources available to increase the security of a site is SiteLock, a security seal that performs daily scans in search of potential security problems, such as viruses and malware. In addition to the website, it checks email, applications, FTP and others, in addition to monitoring file changes”, said André Olivato, Linux Support Analyst at HostGator Brasil.
EN 
PT 
