Eset desarrolló un análisis sobre el nuevo ataque de ransomware que se inició en Ucrania, y cifró información de máquinas de todo el mundo, afectando compañías de distintas industrias como bancos, red eléctrica y empresas postales, entre otras. El ransomware (secuestro de información) es el término genérico para referirse a todo tipo de software malicioso que le exige al usuario del equipo el pago de un rescate.
“El día martes un nuevo ataque de ransomware dejó en evidencia que sigue habiendo sistemas desactualizados, falta de soluciones de seguridad y de planes necesarios para evitar una infección. Los ataques continúan creciendo y evolucionando, por lo que desde Eset seguimos apostando a que la prevención y la concientización son claves para evitar ser víctimas.”, aseguró Camilo Gutierrez, jefe del Laboratorio de Eset Latinoamérica
Con el fin de despejar todas las dudas en torno a este nuevo ataque global, la compañía comparte el siguiente cuestionario:
¿Cuáles son las características de este ransomware?
Se destacan tres aspectos que lo diferencian:
Cifrado: no solo cifra los archivos con una extensión determinada, sino que además intenta cifrar, generalmente con éxito, el MBR (Master Boot Record), que es el registro principal de arranque.
Propagación: tiene la propiedad de un gusano, o sea, puede propagarse a través de diferentes técnicas por la red logrando infectar nuevos equipos.
Exploit: hace uso de ellos para explotar vulnerabilidades en equipos que no han sido actualizados o no se les han instalado los parches correspondientes.
¿Es igual de poderoso que WannaCryptor?
Ambos tienen el mismo impacto: impiden el acceso a la información almacenada en el sistema. Sin embargo, este nuevo ataque no solo cifra la información que se encuentra en los equipos, sino que, luego de que se reinicia el sistema, deja inutilizable al sistema operativo, por lo que las víctimas se ven obligadas a realizar una reinstalación.
¿Qué es lo que hace exactamente esta amenaza?
Luego de que el ransomware es ejecutado, crea una tarea programada con el fin de reiniciar el equipo en un determinado tiempo, que no suele ser más de sesenta minutos. Además, verifica si existen carpetas o discos compartidos para propagarse.
A continuación, comienza a cifrar archivos que contengan una determinada extensión. A diferencia de la mayoría del ransomware, este código malicioso no cambia o agrega una extensión particular luego de cifrar cada archivo, una técnica muy utilizada por los atacantes para distinguir a los archivos infectados.
Por último, el malware intentará eliminar los registros de eventos para no dejar rastro alguno, como también ocultar sus acciones.
¿Cómo se propaga de un país a otro? ¿Llegó a Latinoamérica?
La propagación es una característica destacable de esta amenaza. Una vez que logra infectar un equipo, intenta extraer las credenciales del usuario para luego usarlas con PsExec y WMIC para realizar una búsqueda de carpetas y discos compartidos, y así propagarse por la red a la cual el equipo esté conectado. De esta manera, logra infectar equipos situados en distintos países y regiones.
Sí, llegó a Latinoamérica, en la mayoría de los casos a equipos de empresas multinacionales conectados en red con los de otras filiales en Europa o Asia, desde las cuales se propagó con su capacidad de gusano.
¿Qué se puede hacer para evitarlo?
Tanto en hogares como en empresas, contar con una solución antivirus es imprescindible. La misma tiene que estar correctamente configurada, contemplar qué puertos están abiertos y por qué.
Además, la red debe estar configurada y segmentada correctamente, y monitorear constantemente el tráfico para detectar algún tipo de comportamiento fuera de lo normal. Es esencial realizar un estudio detallado de la información más relevante y hacer backup de la misma, para que, en caso de que se cifre, haya una forma de restaurarla.
En cuanto a las contraseñas, es primordial llevar una buena gestión de las mismas, ya que si tan solo una de las máquinas infectadas posee las credenciales de administrador, podría infectar toda la red.
Si estoy infectado y no puedo acceder al sistema, ¿cómo tendría que avanzar?
Se podrían utilizar técnicas forenses para intentar correr en memoria otro sistema operativo y de esta forma acceder a los archivos cifrados. Sin embargo, no hay mucho que se pueda hacer más que aplicar el backup, lo cual sería crucial para evitar la reinstalación del sistema operativo.
En última instancia, si no hay backup, los cibercriminales siempre ofrecerán la opción extorsiva, pero desde ESET no sugerimos de pagar el rescate ya que mientras siga siendo rentable, el ransomware continuará creciendo.
¿Cómo están operando los atacantes? ¿Esperan un pago a cambio?
El proceso para recuperar la información es el mismo al que nos tiene acostumbrado este tipo de ataques. Una vez finalizada la infección, el ransomware emite las instrucciones, en donde los atacantes solicitan un pago en bitcoins, en este caso, equivalente a 300 dólares.
Pie de imagen: Aviso de que el equipo ha sido infectado.
¿Por qué se ha vuelto tan común el secuestro de datos?
Dentro de los puntos destacables se encuentran la falta de concientización y educación a nivel seguridad que tienen muchos usuarios y empresas. Una gran parte todavía no conoce el impacto que puede tener en un modelo de negocio un ciberataque hasta que es víctima y se ve obligada a pagar para recuperar su información.
Ante esta cuestión, a pesar de la velocidad con que circulan las noticias sobre ataques informáticos y los problemas que generan, los cibercriminales encuentran una motivación importante para continuar desarrollando nuevas amenazas.
¿El ataque está armado por una persona o un grupo? ¿Se necesitan conocimientos técnicos altos?
Resulta difícil pensar que una sola persona puede estar detrás de este ataque, ya que es una amenaza que incorpora varias técnicas en cuanto a exploits, propagación, y cifrado, así como para evadir medidas de seguridad. Sin embargo, no podemos asegurar cuántas son las personas involucradas en el desarrollo de un ataque de tal magnitud.
¿Se puede dar con los autores del ataque?
No por ahora. A diferencia de una botnet, por ejemplo, no hay un Centro de Comando y Control al que se conecte la amenaza como para rastrearlo y dar con los autores; y de usarlo, seguramente sería un servidor ajeno al cual atacaron para tomar el control y accederían desde TOR, logrando anonimidad. Por otro lado, el pago del rescate se hace en bitcoins y, por las características de esta criptomoneda, se hace prácticamente imposible rastrear su destino final.
Para más información ingrese al portal de noticias de ESET llamado WeLiveSecurity en: https://www.welivesecurity.com/la-es/2017/06/29/todo-sobre-nuevo-ataque-de-ransomware/
La confianza cero es un concepto ampliamente conocido en ciberseguridad, arraigado en la idea de que ninguna entidad, interna o externa, debe ser considerada como
WCL mejora las operaciones de distribución a través de FCA US LLC para reducir sistemáticamente los deshechos y mejorando la calidad enfocándose en 10 pilares clave técnicos y 10 administrativos.
El ámbito cloud, en la actualidad, es el hogar de las soluciones más poderosas; muchas de ellas indispensables para poner en marcha una transformación digital.
Good and evil are rewarded, karmic cycle Xu Qi an then looked at the other culprit and asked, Chai Xing er, Julia Chatterley Weight Loss Rapid Results Keto ACV Gummies: Evaluating Their Promise for Quick Weight Loss who is your superior Chai Xing er shook her head I don t know, the subordinates don t know the identity of the superior, this is a secret The rules of the palace.If you agree, we will be friends.If you are in Yongzhou City, you can report my name if you encounter trouble.
Now there is no restriction, but you are no longer in the capital.Yesterday, when I passed by the gate of the yamen, I met a woman who was burning paper money at the gate of the yamen and crying for funerals.
As for the son The old man paused After a while, helplessness flashed in his slightly cloudy eyes A few years ago, the floods caused all the crops to disappear.Seeing that the Holy Son was not panicked, Xu Qi an planned to wait and see for a while.
The head Master Hengyin of the Sanhua Temple, who was farther and farther away from the Carnivore Diet for Weight Loss: Harnessing the Power of Animal-Based Nutrition Is Trulicity A Weight Loss Drug crowd, looked back at the crowd, smiled, and clasped his hands together Everyone, go to the Buddha and sit down, pray together 13 times, and you will be able to go to the second floor.Xu Qi an grabbed the neatly folded quilt and covered them, and the two continued to wrestle in the quilt.
Thank you for your support The national teacher has arrived Xu Qi an almost cried out with joy Auntie, I don t want to work hard anymore.Erlang is also a seedling of reading.Their children will definitely be smart in the future.
She sat up with her arms around the quilt, looked at the messy bed, her face was slightly red, and her eyes were shy.Li Lingsu asked him again if he knew that Father has six toes.
She didn t look at Xu Qi an, and after she finished speaking, she went into the bedroom, leaving him alone in the outer room.It jumped over, raised its head, and its black button like eyes gleamed with hope Can we go out now You can go out after tonight, okay, go to your aunt s side.
Dongfang Wanrong blushed, and said Then, let s do it, it s half a month and a half, she has to ask about it at lunch.Isn t it too good Xu Qi an murmured to himself.My mother asked me to come.
I just listened in for a while.They came for the Demon Slaughter Conference.Li Lingsu got up and left the bed, walked to the table, put his hands on the table, leaned forward, and looked down at the little maid in an aggressive posture, with the corners of his mouth raised The little girl must be obedient and well behaved to be lovable.
The light and shadow in the bead swayed, reflecting the figures of Jing Xin and others, reflecting a magnificent hall.He found that his spirit was mediocre, his aura was average, and he was far from the oppressive feeling he felt when facing the elders of the master.
It won t use a penny from our hospital. Lu Zhongjiang didn t feel embarrassed at all, and said with a smile, It s okay, don t worry.I can tell you a case that I was cured some time ago.
Don t worry, you can eat whatever we eat. After that, , Du Heng took the initiative to take out the lunch box that Wang Shiyuan put in the cabinet, Let s go, it won t be enough if you go late.But the news from the pharmacy doctor and the medicines on the table What Foods To Eat For Keto Diet ProMax Keto Gummies: Assessing Their Claims and Efficacy all show that this problem is not simple.
Du Heng quickly asked, What s the reason Hereditary epilepsy, it is said that my aunt s family has a history of hereditary disease.Now she had her hands free. When she saw Du Heng holding two paper cups, she quickly reached out to take them.
Thank you. After saying that, he bowed deeply to Du Heng and others.It was obvious that the old man only listened to half of Wang Lili s explanation just now.
If phlegm is not eliminated, it will be difficult to replenish healthy qi.It includes heat and cold, food stagnation, dead blood, evil spirits, and sinister poisons.
Old Fan, come out. As doctor Du Heng called, Old Fan ran out in an apron, Dean, are you looking for me Didn t you say that your wife will come to work in our hospital today Well, why haven t I seen you take someone to my place until now Hey, dean, the person is already here.The young man was confused, Then why did the medicine prescribed before not work Don t worry.
The eldest brother is like a father. If Du Ping didn t change his face, Du Heng would still dare to joke with his eldest brother, acting like brothers and sisters.Then I ll Wait for you at the gate. Du Heng went to the gate alone.
If you don t want to accept it, we will leave immediately.Du Heng didn t mention anything about what happened in the afternoon.
There is no problem. Right Du Heng also saw the situation outside, and he understood that this was a test.He may really have a pain in his brain. After all, there is no skull.
Du Heng chuckled, turned to Wu Buwei and said, Buwei, remember to wait until next week.After checking the condition of the lower limbs, he took the pulse again and asked, How are you eating It s normal and good.
Half of his head is collapsed and looks like a deformity.What s wrong, sister Wang Zhenzhen whispered, Go down and take a look, Xiaoqiu s uncle and aunt are here.
One second they were fighting for life Shedding Light on CBD: Its Role in Treating ED Ginger Ale Erectile Dysfunction and death, and the next second they looked at each other and knew what they were going to do.He shouldn t be discharged from the hospital just for money, right Sure enough, after hearing what Doctor Hou said, Xue Yiwen quickly shook his head, No, I really don t want to be treated anymore.
I think you mean it. Compromise after having more than enough strength, otherwise, I really don t believe that a dog can change from eating shit.When I came here, I felt so happy. Honey, do you really like shooting on location Du Heng glanced at Wu Shengnan funny, no matter how bold this woman usually behaves, she Mcdougall Program For Maximum Weight Loss BioPure Keto Gummies Reviews: Customer Insights on BioPure Keto Gummy Products is still a woman, and it is her nature to love beauty and romance.
Then he deliberately kept a straight face, looked at the young doctor who had retreated and said, There are no rules, who asked you to come out Then he turned to Zhang Dewen and smiled, Young people have no rules, Mr.If she is asked to set up a street vendor or work hard, she doesn t have the ability to do so, and she may not be able to pull it off.
But when he turned back after paying the money, he found that Wu Shengnan beside him was no longer there.You can talk boldly. I will go to Harmony tomorrow and see if I can find an opportunity.
When Du Heng arrived, Wu Shengnan had already prepared the meal and was waiting beside the table.1 Department of Traditional Chinese Medicine, the No.
It would be a pity to go to the county like this. Du Heng pursed his lips and thought for a moment, Hemp Oil vs. CBD Oil: Unraveling Their Differences and Uses Sydney Cbd Luxury Accommodation Ask him if he is willing to come to our city for women and children.Look, is the value of acetylcholinesterase unreasonable Xu Pinglin couldn t help but jump at the corner of his eyes, took the report and read it.
This has always been Du Heng s bottom line. Even Li Jianwei, his teacher, was embarrassed by him because of this issue.The number of temporary beds in their obstetrics corridor has never been reduced.
Senior Brother, are you using Angelica Blood Buxing Decoction That s right, it is based on the Angelica Blood Buxing Decoction, which uses raw qi and red ginseng to replenish qi and blood to carry the fetus.If anyone If you want to pretend to be a big man in front of such people, you are really brainless.
Then I went to see the child with hepatitis, and this child s face was rosy and his whole body was active.Why does it stop after giving birth Having a baby is a debilitating thing.
Du Heng is not surprised that he can associate mountain climbing with his work.
Your sister in law is pregnant. You said I am amazing.The young man straightened his back slightly, and the expression on his face became a little more natural.
Each family has no problem with this. In the end, it was agreed that each family should send three people.Hao Hongxia blushed directly, glared at the young man and said, The penis is not cheap for you.
Du Ping on the sofa looked at Du Heng who was showing his teeth and claws.But Du Heng s bone setting is different. Does it have any technical content There are definitely some, but not many.
All the way, right And waste is always there. If it goes with sperm, you won t be able to bear it.Then go too. Wu Shengnan s answer was quite firm, I can t do anything else in my life.
Everyone, we are all practitioners of public hospitals.Look, the person has woken up just now. Du Heng immediately stood up and said goodbye to Director He.
After he understood the whole story, he did not rush into the discussion, but lowered his head and began to think deeply.Liver cancer Du Heng scratched his head. This was the first time he encountered this disease, but he had already treated Yang Yuansheng s cirrhosis and ascites, so he was not very afraid of this disease.
I feel that I am not suitable to be a leader. Why do you say that Du Heng looked at it.Director Yan and my teacher know each other Yes, why don t you know each other We ve known each other for almost thirty years.
I can t stand the seasonings with stronger flavors.After a month of medicine, we were afraid that it would not be effective enough, so we took it for another half a month.
Du Heng blinked twice, What does Du Banshen mean You It s better to go and see for yourself, someone explained the cause and effect in detail, which is very interesting.I didn t expect that the Nanshan area where Dujiagou is located is actually a place covered with lush vegetation and green.
Just this moment, I am afraid that he will have to go back to the previous state of separated souls, and it will still be impossible to get back.
Eset desarrolló un análisis sobre el nuevo ataque de ransomware que se inició en Ucrania, y cifró información de máquinas de todo el mundo, afectando compañías de distintas industrias como bancos, red eléctrica y empresas postales, entre otras. El ransomware (secuestro de información) es el término genérico para referirse a todo tipo de software malicioso que le exige al usuario del equipo el pago de un rescate.