The Rise of Ransomware

Ransomware is nothing new but is fast becoming one of the most common and profitable forms of cybercrime.

Kidnap and extortion have been around for a long time, pirates of the seas and criminal organisations have always exploited this type of tactic, whether it be to take hostages, contaminate goods or withhold services.

In this modern digital age, the impact that a ransomware attack can have on an organisation will often bring devasting operational consequences. Not only from the disruption that it causes by shutting down your critical services and databases to stop you trading, but also from a financial loss through a lack of confidence and the reputational damage attracted through adverse publicity and media interest.

What is Ransomware?

Ransomware is a Malicious Software (Malware) attack, typically carried out by a Trojan. It prominently enters the back door of your system via a phishing email, (tricking someone into doing something by clicking a bad link that downloads the malware) or through a vulnerability gap in your network service. After infection it encrypts your systems and denies you access to your own data, holding it hostage until a ransom, usually requested in the form of cryptocurrency has been paid to unlock it.

Ever changing threat

The shift in criminal modus operandi is ever changing. Organised crime groups have always had the capability to engage in more than one criminal activity and have always been ahead of the game when it comes to flexibility and a desire to quickly adapt their tactics to shift from one new emerging criminal activity to the next.

The integration of digital systems into the criminal underworld and their rapid expansion into ransomware has expeditiously increased over the past 18 months. So much so that it now represents one of the biggest global threats to our online security with an expectation that at some point it will affect most businesses in the UK.

The traditional physical threat of having your business premises broken into by burglary was not that long ago the biggest fear for most of the business community. Most burglaries were uncovered when returning to work on a Monday morning to find that your premises had been entered and that the safe along with the previous week’s cash takings had been stolen.

The damage caused at the point of entry was a pain. Work had to be put on pause for a few hours while waiting for the police to arrive and fingerprint the scene, followed up some days later with a crime reference number accompanied by a pamphlet containing some retrospective crime prevention advice which would hopefully go some way to help mitigate a similar instance happening again soon in the not-so-distant future.

In the coming days, an insurance claim would ensue, hopefully going some way recovering a good proportion of your stolen revenue and part way into making good some of the repair works and disruption caused.

Usually within a few days everything started to move back into business as normal, the incident would soon be forgotten, lessons were learned and that sense of feeling secure came back again, usually reinforced by the inception of a new shiny target hardening and crime preventative plan.

How things have now drastically changed.

Through education and understanding we have made huge steps in designing out this type of crime. Through the installation of preventative measures such as perimeter fencing, CCTV, ring doorbells and sophisticated SMART enabled alarms, we have been able to change behaviours and reduced this type of crime drastically over the last decade.

But unfortunately, there is always a downside. As society and technology have evolved, new digital crime challenges have emerged.

So, is it now time for us all to ask the question?

How prepared would you be if we returned to work in the morning to be faced with a permanent loss of our data, or in the very least a recovery plan to restore the data that may take several weeks (with the additional damage to your reputational and corporate brand which could inevitably take even longer).

There are many ways you can reduce your ransomware risk – Prevention is always better than cure.

Phishing and ransomware work hand in hand, the number of phishing emails containing a form of ransomware is growing every day.

Just as with traditional crime prevention, we can all help to design out the threat, mitigate your risk and place your organisation out in front of the rest.

1. Educate and equip people.

Encourage and develop a sustainable security culture across all parts of your business.

Human error is by far one of the weakest links.

· Educate your people about the dangers of opening suspicious emails and when not to open links or the attachments.

· Explain the dangers of visiting unknown websites.

· Understand the need to close workstations and browsers when not in use.

· Create an environment which encourages users to identify and report suspicious activity and phishing emails.

· Ensure that they understand where, when and how to report this activity.

2. Provide and sustain high-quality digital safety and security processes.

Ransomware attacks will spread very quickly. Ask yourself?

Do you have a sustainable and high-quality digital safety and security process in place?

· What would you do if your data bases and ICT system had been encrypted by malicious cyber criminals?

· How would you deal with an email message, demanding a ransom to be paid?

· Do you have the right policies and processes in place so that you can respond rapidly to incidents?

· Do you have an incident, Information and communications, technology (ICT) disaster recovery and business continuity plan in place?

· Do you have monitoring in place, to help identify an attacker’s presence on your network?

· Do you regularly back up your data?

If this short blog leaves you with some unanswered questions, contact us for a no-obligation consultation and we will define the benefits and invaluable piece of mind that the Digital Safety CIC can bring to your organisation.