Social engineering as an attack vector for ransomware

摘要

Constant ransomware attacks achieve to evade multiple security perimeters, because its strategy is based on the exploitation of users-the weakest link in the security chain-getting high levels of effectiveness. In this paper, an in-depth analysis of the anatomy of the ransomware is develop, and how they combine technology with manipulation, through social engineering, to meet their goals and compromise thousands of computers. Finally, simulations of the phases that it follows are carried out, leaving the necessary guidelines to evaluate the security of the information, and thus, generate policies that minimize the risks of loss of information.