We live in an increasingly digital world and this has its positive and negative things. A positive may be that electronic mail has largely replaced postal correspondence, which is very good for the ecology since not so much paper is wasted. Another positive thing is also the adoption of remote work and the cloud that will allow us to access our files from any location. That makes our files more and more valuable, whether on our hard drives or in the cloud. Cybercriminals are aware of this and are going to try to get hold of them, as well as lock us out so that we have to pay the ransom. In this article, we are going to talk about what files ransomware usually encrypts and also offer some ways to protect ourselves.
Cybercriminals are increasingly carrying out more sophisticated attacks to make a profit. The ones that tend to be the most profitable are ransomware and Phishing. Now we are going to focus on the former and how they affect our information.
What files does ransomware usually encrypt
When we suffer a ransomware attack, we find ourselves with a type of harmful program that will prevent us from accessing our files, and in exchange for removing this restriction, it will demand a ransom payment. Cybercriminals are very clear about what files they want to encrypt to do us the maximum possible damage and force us to pay the ransom. In that aspect the files that are usually encrypted by ransomware are those that contain important information.
Ransomware affects both individuals and companies of all sizes. Therefore, we must all be alert and not let our guard down. In this regard, it should be noted that when it comes to encrypting ransomware they have a predilection for certain types of files:
- Microsoft Office: .xlsx, .docx and .pptx.
- Images: .jpeg, .png, .jpeg, .gif.
- The AutoCad ones: .dwg.
- Data: .sql and .ai.
- Video: .avi, .m4a, .mp4, .mpg, .wmv
- The compression and backup: .rar, .zip.
Without a doubt, the favorite of these in a ransomware attack are those of Microsoft Office, since vital information about the company or the victim in question is very often stored in them.
The ransom payment and how to protect yourself
The files that can be encrypted by ransomware, as you have seen, are among the most varied. If we look at the list above, and check what types of files we have stored, we will see that they are highly relevant to us. Simply by encrypting our Office files and our personal photos and videos, the destruction can be devastating.
Then it is time to consider whether or not it is in our best interest to pay a ransomware ransom. Simply by paying we will be contributing to incite more attacks of this type. In addition, paying does not guarantee that the key to recover your files will be sent to you later or that someone in the decryption process will fail when trying to recover it. Therefore, the best thing to do if possible would be to report and not pay the ransom.
On the other hand, in order not to be a victim of ransomware, or at least mitigate the damage we may suffer, we have to:
- Have the operating system updated.
- Have a good antivirus and, if possible, antimalware software.
- The rest of the software must be updated so that they do not take advantage of vulnerabilities, such as the browser.
- Be careful with URLs and email attachments.
- Make a backup of all our files.
The types of files that ransomware can encrypt are many and if at any given moment we realize that we are being attacked, we must follow some guidelines. The first thing is to disconnect that computer from the Internet and from your local network because you could infect other computers. Then the best thing would be to make a backup of what is not infected if you have not saved it before. Next, tap on a fresh install from scratch and restore the files from your backup.
Finally, if you work from home, you may be interested in knowing some tips to stay protected from ransomware.