Ransomware attacks are amongst the most-discussed new threats to have emerged in the past few years, but what is ransomware, how can it impact your business and how can you protect yourself against it?
Ransomware is a type of malicious software that infects a computer or network, restricts access to files (usually by encrypting them) and demands a ransom be paid to regain access. The ransom is usually requested as a cryptocurrency such as Bitcoin, and demands have risen from around $300 per device to over $1,000. It’s important to note that paying the ransom comes with no guarantee that you will actually regain access to your files, with one report finding that only 19% of ransomware victims who paid the ransom received their files.
You will have likely first heard about ransomware in 2017 when the WannaCry worm infected over 200,000 devices worldwide, disrupting hundreds of organisations including the NHS in the UK, followed shortly thereafter by the NotPetya virus, which wrought havoc in Ukraine, as well as other countries such as the UK. Ransomware actually stretches back as far as 1989 and the PC Cyborg Trojan, but its recent renaissance seems to have started around 2012, when the FBI issued an advisory entitled “New Internet Scam”.
According to Europol’s 2018 Internet Organised Crime Threat Assessment, ‘even though the growth of ransomware is beginning to slow, ransomware is still overtaking banking Trojans in financially-motivated malware attacks’, which the report states is ‘a trend anticipated to continue over the following years.’ 2019’s is set to be the year of targeted ransomware, according to a recent NCSC advisory, in which ‘criminal actors analyse victim networks to understand their “value” and set a ransom demand based on that perceived value [whilst] also seek[ing] to ensure that their malicious activity has the maximum impact on the victim organisation.’
So, how can you protect yourself against ransomware, and how can Mitigate help? Most obviously, all the usual rules on avoiding malware infection apply to ransomware—don’t run untrusted executables, don’t click links in unexpected emails, etc.—and Mitigate provides effective, GCHQ-certified training on all of these topics and more for your employees to undertake. However, all it can take is one clumsy employee to compromise your whole business network, so how can you protect yourself?
The best defence against a ransomware attack is regularly backing-up of any important data. You should implement technical measures to do so as soon as possible. These backups mitigate the amount of damage that a ransomware-inflicted loss of files can cause, but will require your employees to understand the reasons why backing-up is important, as well as how they can ensure their files are included (e.g. by saving them to a specific directory). This is all covered in-depth in the Backups module of Mitigate, including interactive assessments and completion tracking, helping you to identify your riskiest employees.
Mitigate ensures that your employees are informed and know how to keep both themselves and your company safe from ransomware attacks—for more information, get in touch at 0333 323 3981 or [email protected] today.