Eset desarrolló un análisis sobre el nuevo ataque de ransomware que se inició en Ucrania, y cifró información de máquinas de todo el mundo, afectando compañías de distintas industrias como bancos, red eléctrica y empresas postales, entre otras. El ransomware (secuestro de información) es el término genérico para referirse a todo tipo de software malicioso que le exige al usuario del equipo el pago de un rescate.
“El día martes un nuevo ataque de ransomware dejó en evidencia que sigue habiendo sistemas desactualizados, falta de soluciones de seguridad y de planes necesarios para evitar una infección. Los ataques continúan creciendo y evolucionando, por lo que desde Eset seguimos apostando a que la prevención y la concientización son claves para evitar ser víctimas.”, aseguró Camilo Gutierrez, jefe del Laboratorio de Eset Latinoamérica
Con el fin de despejar todas las dudas en torno a este nuevo ataque global, la compañía comparte el siguiente cuestionario:
¿Cuáles son las características de este ransomware?
Se destacan tres aspectos que lo diferencian:
Cifrado: no solo cifra los archivos con una extensión determinada, sino que además intenta cifrar, generalmente con éxito, el MBR (Master Boot Record), que es el registro principal de arranque.
Propagación: tiene la propiedad de un gusano, o sea, puede propagarse a través de diferentes técnicas por la red logrando infectar nuevos equipos.
Exploit: hace uso de ellos para explotar vulnerabilidades en equipos que no han sido actualizados o no se les han instalado los parches correspondientes.
¿Es igual de poderoso que WannaCryptor?
Ambos tienen el mismo impacto: impiden el acceso a la información almacenada en el sistema. Sin embargo, este nuevo ataque no solo cifra la información que se encuentra en los equipos, sino que, luego de que se reinicia el sistema, deja inutilizable al sistema operativo, por lo que las víctimas se ven obligadas a realizar una reinstalación.
¿Qué es lo que hace exactamente esta amenaza?
Luego de que el ransomware es ejecutado, crea una tarea programada con el fin de reiniciar el equipo en un determinado tiempo, que no suele ser más de sesenta minutos. Además, verifica si existen carpetas o discos compartidos para propagarse.
A continuación, comienza a cifrar archivos que contengan una determinada extensión. A diferencia de la mayoría del ransomware, este código malicioso no cambia o agrega una extensión particular luego de cifrar cada archivo, una técnica muy utilizada por los atacantes para distinguir a los archivos infectados.
Por último, el malware intentará eliminar los registros de eventos para no dejar rastro alguno, como también ocultar sus acciones.
¿Cómo se propaga de un país a otro? ¿Llegó a Latinoamérica?
La propagación es una característica destacable de esta amenaza. Una vez que logra infectar un equipo, intenta extraer las credenciales del usuario para luego usarlas con PsExec y WMIC para realizar una búsqueda de carpetas y discos compartidos, y así propagarse por la red a la cual el equipo esté conectado. De esta manera, logra infectar equipos situados en distintos países y regiones.
Sí, llegó a Latinoamérica, en la mayoría de los casos a equipos de empresas multinacionales conectados en red con los de otras filiales en Europa o Asia, desde las cuales se propagó con su capacidad de gusano.
¿Qué se puede hacer para evitarlo?
Tanto en hogares como en empresas, contar con una solución antivirus es imprescindible. La misma tiene que estar correctamente configurada, contemplar qué puertos están abiertos y por qué.
Además, la red debe estar configurada y segmentada correctamente, y monitorear constantemente el tráfico para detectar algún tipo de comportamiento fuera de lo normal. Es esencial realizar un estudio detallado de la información más relevante y hacer backup de la misma, para que, en caso de que se cifre, haya una forma de restaurarla.
En cuanto a las contraseñas, es primordial llevar una buena gestión de las mismas, ya que si tan solo una de las máquinas infectadas posee las credenciales de administrador, podría infectar toda la red.
Si estoy infectado y no puedo acceder al sistema, ¿cómo tendría que avanzar?
Se podrían utilizar técnicas forenses para intentar correr en memoria otro sistema operativo y de esta forma acceder a los archivos cifrados. Sin embargo, no hay mucho que se pueda hacer más que aplicar el backup, lo cual sería crucial para evitar la reinstalación del sistema operativo.
En última instancia, si no hay backup, los cibercriminales siempre ofrecerán la opción extorsiva, pero desde ESET no sugerimos de pagar el rescate ya que mientras siga siendo rentable, el ransomware continuará creciendo.
¿Cómo están operando los atacantes? ¿Esperan un pago a cambio?
El proceso para recuperar la información es el mismo al que nos tiene acostumbrado este tipo de ataques. Una vez finalizada la infección, el ransomware emite las instrucciones, en donde los atacantes solicitan un pago en bitcoins, en este caso, equivalente a 300 dólares.
Pie de imagen: Aviso de que el equipo ha sido infectado.
¿Por qué se ha vuelto tan común el secuestro de datos?
Dentro de los puntos destacables se encuentran la falta de concientización y educación a nivel seguridad que tienen muchos usuarios y empresas. Una gran parte todavía no conoce el impacto que puede tener en un modelo de negocio un ciberataque hasta que es víctima y se ve obligada a pagar para recuperar su información.
Ante esta cuestión, a pesar de la velocidad con que circulan las noticias sobre ataques informáticos y los problemas que generan, los cibercriminales encuentran una motivación importante para continuar desarrollando nuevas amenazas.
¿El ataque está armado por una persona o un grupo? ¿Se necesitan conocimientos técnicos altos?
Resulta difícil pensar que una sola persona puede estar detrás de este ataque, ya que es una amenaza que incorpora varias técnicas en cuanto a exploits, propagación, y cifrado, así como para evadir medidas de seguridad. Sin embargo, no podemos asegurar cuántas son las personas involucradas en el desarrollo de un ataque de tal magnitud.
¿Se puede dar con los autores del ataque?
No por ahora. A diferencia de una botnet, por ejemplo, no hay un Centro de Comando y Control al que se conecte la amenaza como para rastrearlo y dar con los autores; y de usarlo, seguramente sería un servidor ajeno al cual atacaron para tomar el control y accederían desde TOR, logrando anonimidad. Por otro lado, el pago del rescate se hace en bitcoins y, por las características de esta criptomoneda, se hace prácticamente imposible rastrear su destino final.
Para más información ingrese al portal de noticias de ESET llamado WeLiveSecurity en: https://www.welivesecurity.com/la-es/2017/06/29/todo-sobre-nuevo-ataque-de-ransomware/
Coradia iLint es un tren regional que ofrece una alternativa completamente libre de emisiones a los trenes diésel para líneas ferroviarias no electrificadas.
La participación del ferrocarril en el transporte de carga en México ha crecido de manera continua y ha alcanzado niveles comparables con varios de los grandes sistemas ferroviarios del mundo.
na cantidad excesiva de reuniones podría afectar la productividad de cualquier trabajador, hay que aprender a planificarlas, realizarlas de la mejor manera y únicamente cuando sea necesario.
La funcionalidad de gestión del caso en EAM es una forma fácil de hacerlo. Se puede hacer el seguimiento de todas las acciones tomadas y documentar toda la información pertinente de manera que esté grabada en un solo lugar.
The four types of sects have both grievances and Benefits 70801 Delta Cbd Fab Reviews Gummies And Effects cooperation with each other.How can I transfer it without telling Fellow Daoist Shao the location Wen Hou smiled more sincerely, It s just.
However, I haven t found anything similar for so many years.True Monarch Bengshan persuaded earnestly.Understood, uncle Lan Yuanzhou froze for a moment, and quickly responded.
Furthermore, if we really wanted to announce this matter, it would be equivalent to saying that the five return to the void Shinichi were too weak.Not bad Do you want to compete here Shao Nan didn t talk nonsense, and directly took out the Langya Xuanyan Sword.
This is what Shao Nan firmly believes.Having figured out the key point, Shao Nan stopped hesitating, showed his figure, and walked towards Gu Yueyou and the others.A natural formation is not too difficult for Shao Nan, and he has already experienced it once, and it is easy to find a way to break the formation.
Accept the sect master s order Qiu Bai became more and more serious, Shao Nan listens to the order and accepts Shao Nan as the supervisor elder of the sect What Me Shao Nan was stunned, unable to believe it at all.If you didn t do that, maybe you would all be dead.
Shao Nan nodded.The Immortal Ascension Conference Isn t that what happened almost thirty years ago Zhenren Xinjue couldn t help but interjected.Lan Yin sighed, whoever was able to challenge here would not give up.
What s the matter You scared me Shao Nan was almost speechless.Regardless of how Barlow and Joseph communicated, Shao Nan listened to their conversation.
Even the monsters in Jinda s later stage have been killed, and the two Shao Nans are not taken seriously.Every Wangchen Pill may cause a bloodbath.You must know that after a monk realizes the way of heaven, he can only constantly realize this kind of way of heaven in his life.
Shao Nan originally wanted to go directly to find Yangmai Fruit, but now that he heard the news of the Illusion Exchange Conference, he suddenly moved to see it.It s so pitiful.After seeing Shaonan s realm clearly, Balk couldn t even close his mouth, and walked away while laughing.
Although he has joined the Dao Natural Sect, but the Dao Natural Sect does not have the strength to establish a foundation, and there is no Jindan Daoist to accept disciples.Dayan inheritance, great prophecy Wu Yan finally spoke, still concise and to the point.
It shows that the aura in this island is quite good.It is to bring a sense of oppression to Dao Natural Sect.
I don t want to be with her again.Separated, so I want to go back to my hometown with her.Zhou Chen smiled politely at her, Thank you.Unprecedented, he, Zhou Chen, wanted to apologize to a small front desk clerk.
A knife made a wink.Yu Yidao understood, and said to Feng Wencai Although the Lin family doesn t pursue this matter, the matter has already alarmed the government, and they have to bear the punishment.Her idol called her, how could she not be nervous Chu Han said Miss Zhao, our new play is about to start filming, we will have time to play against each other.
In Prince Xiang s mansion, Dong Yufang was really overjoyed, Father, it s better for you.What prosperity and wealth are but a fleeting moment, nothing can compare to the happiness and tranquility of a family.
Zheng Yiyang nodded, Of course, I m all ears.I don t know why the boss suddenly wants to invest in such a huge project You must know that half of the company s assets will be spent on that project.Seeing that Su Of Boosting Productivity Benefits Rise Clarity Cbd Mental Workplace 9448 Yurou died, Duke Rong felt a great sense of revenge, closed his eyes, turned and left, and returned to Duke Rong s mansion.
The daughter in law is also at fault.Before Zhao Ruyue married, she was a kind hearted and reasonable girl, but after marrying into the Chu family, she changed completely.Persimmons should be picky and soft, which is the bad root of 0519 Honest Gummies And Cbd Blue Analysis Vibe Feedback Review human nature.
Lin Yiyi said modestly and respectfully.Kang and Yu looked at each other and smiled, both very satisfied.Kicking her was not enough.Thinking of being tortured by him for the past six months, she kicked her a few more times to relieve her anger.
Unable to think, I just felt that my body was getting hotter and hotter, and I nodded instinctively.Chu Kuan panicked.Empress Li frowned, How could a living person disappear out of thin air There must be someone secretly helping him escape, looking for him, even digging three feet to find him.
Chu Han thinks that he is perverted, He felt very happy when he heard Lan Xin crying and begging under him.Feng Wencai turned his Cbd Support With 832 Elevate Best Everyday Gummies Your Natural head and saw that Yipin and Er an came in with two tied up men each.
The evidence is solid, and you still don t admit it.are not a problem.Don t be curious. That s because I didn t have anything before.Chu Han said with a smile.
Zhao Xueer said.Chen Fen refused to give her money, so she got it herself.The Kang family ordered that all the servants perform their duties, and no one is allowed to chew their tongues Gummies 82565 Pros Cons Cbd Prime And Review and gather together.
It was the benevolence and righteousness of the Chu family, and for the sake of the two families, they finally suppressed the matter.Without poison, no one can do anything to her.You asked me to buy poison.
He didn t do anything.How did he offend her Seeing his innocent face, Zhao Ruyue was even more angry, For the Lin family Have you seen Maximum Guide Sthkx 4864 Mens Enhancing Health To Gummies A Comprehensive Male the dowry list I didn t see it, but I heard from my mother that it seems to be equal to the dowry gift I gave you back then.People are like this, if you don t empathize with others, you will never know the pain of others.
Chu Han hurriedly poured her a teapot of water and asked her to drink it before recovering, Don t be afraid, I m here exist.Chu Han said Mother should have done this long ago.
Zhu Qi didn t believe Zhou Yunqing s words.Her brother had a good relationship with the second son of the Zhu family.Is Niuniu hungry Chu Han took out a greased paper bag from his bag.
But Chu Han had already expected what was going on, so he calmed down Father and brother, the family of three quickly boarded the carriage and went home.Not long after, there was another new news.After Leng Yan read it, it was the same as Chu Han expected, and he immediately admired Chu Han.
His surname is Lin, from Huaiyang, and his family suffered a disaster.This poisonous woman murdered Is For Cbd Top Reviews Sleep And The Gummies 02 Picks What Best the Crown Princess s child, murdered the Crown Princess, how could you be so stupid, be deceived by a woman, and cause such a catastrophe These words clearly On the surface, she was reprimanding Chu Kuan, but in fact she was defending herself and Chu Kuan.
This retreat must be prepared in advance. Zhou Mi will lose it. He may not fall to the peak level of the Fourteenth Realm, which is already extremely stable, but an ordinary Fourteenth Realm cannot support Zhou Mi s ambitions.So he used a blind trick on Fu Zhou and took a detour. It s just that this talisman boat ferry is too expensive to travel far away.
Chunqing has long been a far reaching martial artist, and is also a Nascent Soul bottleneck qigong practitioner.The master then put his hands on his sleeves and stared at the paper in deep thought. Pei Qian said softly Master, the mountain ticket that Li Shilang handed over.
Peixiang, the Relief The For Pain 936 Power Wellness Green Gummies Cbd And Discover Of Spectrum leader of the Fox Kingdom, is under the water of Yuanying, and Yunzi is on Qidun Mountain.He took off the sword raising gourd and poured out a pot of wine. After standing up, the young man stooped slightly again and no longer deliberately straightened his waist.
It was said that the book that the ancient Yue Lao looked through in his hand was a marriage book. And at least half of the marriage book was most likely in Liu Qi s hands.Instead, with a thought, he opened half of the Spring Festival Couplets at the entrance of Han Jiangshu s key Qi Palaces.
It s just a test of eyesight, and the amount of money you make depends on chance. Collecting antiques and treasures in prosperous times, gold is the most valuable in troubled times.Ni Yuanhao said angrily Swearing Jiang Shangzhen smiled. Said Master Ni, you don t have to be so rude on purpose and show weakness to me at every turn.
Precisely because Li Huai was not in the game, Old Man Yang gave him the opportunity to bring good fortune and little burden.Although Yao Jinzhi is not a martial artist, he can Your Thc From 7300 In Stay Gummies System Long How Does draw a bow and knows some martial arts. Compared with ordinary martial arts warriors who make a living in the market, style, will not be inferior.
Another ancient object appeared next to him. It was the door ritual vessel. Yun Ao, also known as Yundun in ancient times. According Aucvl With Cbd Comprehensive Gummies For 001 Sundowners A Your Guide Sundown Soothe Struggles to legend, it was an imitation of the object used by ancient gods to move clouds, a tall wooden object.Zhao Yao said with his heart In Feisheng City, I I met Ning Yao once and she is very good. Chen Ping an said angrily Who are you It s none of your business.
The steward was worried, what a good guy, he turned out to be a Nascent Soul monk pretending to be a pure Clarity Hd 949 Enhancement Goes Spring Viral Break Cbd Formula martial artist The bastard is probably the monk Insights Shark 681 Tank Vibe Blue Product Gummies Cbd Tong Yezhou.When she knocked on the door, she looked strange. She obviously couldn t understand why the worshiper Huang Lin was so polite to this Tongyezhou monk who was greedy for life and afraid of death.
There is no need to be angry, if I were him, I would treat Sister Ye as a fairy in the sky who can only be watched from a distance but not played with.Kongtong, who was born as a palace girl Effective Leaf Cbd Gummies Zen 851 Anxiety For Reviews Relief in Benmo City, I have an old grudge with one of the deputy city lords she serves.
Pingzhangshi, which city are you from If Mr. Pingzhangshi accidentally delays things in four days, I can take the initiative to visit you.Let s go back. Think about it, when I used to patrol the mountains, I would move forward every day, and the days would just move forward day by day, right Then what if I moved back every day, ha When I say that, you know why.
There Low Choosing 17 The Benefits Uses And Cannabis Guide To Dose Gummies Best are many worrying things. It is precisely because it is difficult to explain the truth and it is not easy to be a good person, so it is even more valuable.Wandering around. When the time comes, let Pei Qian return to the Pima Sect ferry and fly his sword directly to send messages to Taihui Jianzong and Paidi Peak.
Eset desarrolló un análisis sobre el nuevo ataque de ransomware que se inició en Ucrania, y cifró información de máquinas de todo el mundo, afectando compañías de distintas industrias como bancos, red eléctrica y empresas postales, entre otras. El ransomware (secuestro de información) es el término genérico para referirse a todo tipo de software malicioso que le exige al usuario del equipo el pago de un rescate.