What is ransomware?
Ransomware is a type of malicious software used to deny users access to their computer system until they pay a ransom. Most recently, ransoms are demanded in cryptocurrency which affords the cybercriminals using ransomware methods a certain level of anonymity.
Although the first example of ransomware is thought to have been recorded in the late 1980s, there’s been a real increase in both its use and public awareness of its use. Just like good and useful technology has come a long way since then, so has the development of ransomware. This makes more and more individuals and organisations susceptible to attacks – even if they think they’re not likely to fall for any kind of scam.
What are hackers looking to gain from ransomware attacks?
The answer to this is financial gain, but whereas once they got that through ransoms, they can now also sell the compromised data online.
Previously, ransomware focused on taking away the availability of someone’s data by blocking their access to it until the ransom was paid. With business owners getting wise to this and implementing system backups and other measures to guard against this sort of threat, cybercriminals have had to adapt their strategy, and often now threaten to publish the data online.
Depending on the business, not only could this be costly in terms of a loss in customer trust eroding their core customer base, but it can also cost in terms of fines imposed by the Information Commissioners Office (ICO) if it’s determined that the data breach was due to their own negligence or inadequate approach to data security pertaining to customers and/ or their staff.
This means that even if you have backups in place to restore your IT systems getting around the data withholding part of the hack, you still have the worry of the hackers selling your sensitive company data online.
Should I be worried about ransomware?
We’re not here to spread fear around this, but it is important that you’re aware of risks, especially with this type of attack becoming more and more sophisticated.
You may have seen previous mentions of ransomware attacks like WannaCry back in 2017 which took hold in the NHS, spreading quickly across the entire network from machine to machine. This approach isn’t actually beneficial for hackers, as it takes up a lot of their time and resource which makes it harder to extract money from the most lucrative target.
Rather than spreading through your system, these days they’re more than likely going to take their time, the attacker often spending weeks inside the network, reading emails, and gaining intelligence as to where best to deploy the ransomware in order to have the largest impact, and maximise their ill-gotten financial gains!
How can I protect my business from ransomware attacks?
Protecting yourself and/ or your business from ransomware attacks is all about looking at the root cause rather than the symptoms.
Let us explain.
If you suffer from an attack, then you’re more than likely going to be focused on removing the hacker, getting your data back, and getting your system up and running again like it was before.
What this doesn’t account for, is how the attacker gained access to the system in the first place.
So, if you’ve never yet been subject to an attack, look at other instances of ransomware use, and learn from other people. Sure, have a plan in place to get back up and running ASAP after the event, but make sure you look at your security protocols which are likely to catch an attack in the first instance.
Are staff trained on how to spot a phishing email?
Does your IT provider have software that points out subtle changes to admin privileges that could indicate your network has been compromised?