Specialists warn of a wave of cyber-attacks with ransomware that has already hit the United States

The 22 US agencies infected with ransomware are the latest known victims of an upsurge in attacks with this type of virus that encrypts computers and releases them after paying a "ransom", whose use has grown exponentially in recent months, according to specialists.

In the state of Texas, in North America, the computer systems of 22 government agencies, most of them from small municipalities, were paralyzed a few days after the attacks, whose perpetrators still have no idea.

This information was known almost simultaneously with the publication of a report from the computer security company Kaspersky, who had found that in the second quarter of the year 16,017 new ransomware existing software changes had been detected, and even "some belonging to eight new companies". malware families. "

This figure is more than double the 7,620 new samples detected a year ago. In the second quarter of 2018, the Russian-based company reported that during the second quarter of 2019, more than 230,000 computers had been attacked.

"There is a second wave of ransomware attacks today," said Alfredo Ortega, a computer security researcher, during a dialogue with Telam, although he said that "it is not clear if they are new or if they are being published now".

Until this year, only the United States has resorted to this type of cyber attacks – which leave computers unusable until payment is paid – have affected equipment over 40 municipalities, including large cities such as Baltimore (Albany) and Laredo (Texas), to smaller cities, such as Lake City (Florida).

Lake City, according to the New York Times, is one of the few cities to have decided to pay the amount in bitcoins equivalent to $ 460,000 in ransom, believing that rebuilding their systems would cost even more.

In Argentina, this is also happening

Infections of this type do not occur only in the United States: "Some southern municipalities (in Argentina) are often affected by ransomware, but we usually do not find it. Have no reinforcement, they pay or lose everything, "said Ortega.

The average amount of ransom, which is usually a value in some crypto-currencies, varies considerably from one attack to another, those that are aimed at ordinary people usually require around $ 500. are usually not paid. ", explained the specialist.

"Southern companies, as far as I know, have been billed up to $ 10,000.Many times they are charged for the number of computers affected.Sometimes they evaluate it." is convenient to pay the ransom or buy a backup system.It is often more expensive, "he added.

According to Kaspersky's report, the increase in the number of malicious changes and the emergence of new families are a dangerous sign that "criminal activity is intensifying, with new versions of malicious software ".

The report indicates that 232,292 unique users were targeted by these attacks, an increase of 46% over the same period last year (158,921).

With regard to geographical distribution, the countries with the highest proportion of users attacked are Bangladesh (9%), Uzbekistan (6%) and Mozambique (4%), while Paraguay was the main country affected, followed by Venezuela and Peru Argentina ranked last with Mexico.

Behind these developments, there are usually groups with commercial structures, which program ransomware at the industrial level, in several languages ​​and earn a lot of money.

"The GandCrab case (a family of malware) is a good example of the effectiveness of a ransomware, because its creators have announced the end of their activity after stating that they have made a lot of money by extorting their victims," ​​he said. said Fedor. Sinitsyn, researcher at Kaspersky.

To control these attacks, you need to "have backups," Ortega said. "At one point, there is a race in time against the hard drive: when storage is more important and backup is automatic, the ransomware is not going to make so much sense."