At least seven companies in Lanzarote have been victims of extortion by computer hackers. This is confirmed by the Civil Guard, which emphasizes that these are only the cases "officially counted" and that "there may be many more", since some companies do not report to avoid the "negative publicity" that may be generated by having suffered these attacks. The body emphasizes that security is "fundamental", given that this type of crime "has grown exponentially in the last year".
In the province of Las Palmas alone, the Telematics Crimes Group of the Civil Guard has investigated 215 cases of computer attacks on companies, which are victims of extortion by hackers. As La Voz de Lanzarote reflected in an article last week, these 'pirates' enter the system of companies and encrypt their information, asking for a ransom to recover it.
From the Civil Guard they explain that there are two methods to do it. On the one hand, several companies on the island have been attacked through their operating system. "There is a type of Windows for companies that has many gaps and in Lanzarote they are attacking companies with this type of operating system," they confirm. That system is Windows 2003 server. As the computer scientist of one of those Lanzarote companies that were forced to pay the 'ransom' told La Voz, the hackers enter the computer "through a defect in the operating system and enter as if they were a remote desktop user." Then, "another failure allows you to take administrator privileges and thus they do what they want on the computer", since they can install programs or delete files at will.
The Trojan, the most common method
However, the most common method is through a virus, what is known as a Trojan. "The most widespread is the Ransomware virus," say the Civil Guard. The name itself is most illustrative, since ransom is nothing more than the name that the payment of the ransom for a kidnapping receives in English.
"They send you an email in which they pose as the Spanish Post Office company and put an attached file, which is the virus in question. They pass it off as a PDF. The email tells you that you have received a certified mail and that for more information open the PDF. It is not a PDF, it is a virus in every way," they warn. That attached file that should not be opened is, for the Civil Guard, "the simplest but most infallible method."
In fact, the method of impersonating Correos is just one of the tactics that are used. From the Benemérita they take the opportunity to warn about another case that could occur on these dates, "with the income tax return". "They pose as the Tax Agency and ask you for bank details. The Tax Agency does not ask for bank details, and even less by email. You have to be careful," they emphasize.
"Prevention and common sense"
Given the proliferation of this type of crime, the different security forces focus most of their actions on awareness and prevention. The Civil Guard emphasizes that these virtual criminals "take advantage of people's ignorance in this matter", so emphasis must be placed on prevention.
"Prevention and common sense are basic," they say. Among these measures to avoid a computer attack are, for example, "making backup copies regularly" or "having a paid antivirus, with a license renewed every 6 months or a year". "It is not enough to download free antivirus software," they insist.
The Telematics Crimes Group collects a wide guide of tips against these scams. This unit of experts in crimes perpetrated using new technologies especially highlights the need to "regularly update" the operating system used, as well as that the internet browser used is up to date.
Passwords can also be a good shield against these attacks. The GDT points out that they must be "long and alphanumeric (containing both letters and numbers)" but, above all, they cannot always be the same. It is necessary to have "at least one different for the different areas of your activity on the Internet", such as email accounts, social media accounts or those used for economic activities.
To avoid falling into the networks of a Trojan, this group recommends distrusting "short and strange messages" received on social networks, "especially if they include a link to access other content". What's more, even if they come from known contacts, "they can be dangerous". As for emails, it is not advisable to trust those that come from unknown or strange recipients. Especially "never, never download or run .exe files", emphasizes the Civil Guard.
Cross-border crime
The main problem for the authorities when it comes to prosecuting these crimes is that they rarely occur from the national territory. It is "cross-border crime" and "it is very difficult to prosecute it", admit from the Civil Guard.
"Apart from the special idiosyncrasy of prosecuting a telematic crime, many of these pirates attack from other countries, with other types of legislation, judicial procedures, etcetera," they argue. Thus, when the 'hacks' come from a member state of the European Union, the process is "simpler". In these cases, Interpol and more usually Europol take charge of the investigations. When hackers act from outside the community territory, the investigation becomes complicated.
"The corresponding letters are made to the countries. His Lordship sends the transfer of the investigation by rogatory commission", to the State from which the crime was committed. But the rogatory commission does not always work. "In cases like China, Russia or South America", which is mostly where these computer pirates operate from, "it is very difficult to send it", admit from the Benemérita.
Faced with this situation, "95 percent" of the authorities' task is based on prevention. The problem lies essentially in the fact that the internet is still, although it has ceased to be something incipient, a new platform. "Now it is necessary to adapt the penal codes and international laws to these behaviors. It is necessary to create an international organization that persecutes this type of crime."
