Ransomware – Should You Be Worried?
Short answer – yes! Ransomware isn’t to be taken lightly at all and it has been known to cripple businesses to bankruptcy within months of an attack.
There have been multiple reports of larger corporations being hit with ransomware and most recently the shipping giant Pitney Bowes became a victim. These reports are crucial because it sends the message that online threats are very much real, however they can also create false security as well, with smaller organisations thinking ‘it won’t happen to me’ or ‘nobody outside of my local area knows about me’ etc. This is because the media only report on larger companies.
These types of attacks are rarely targeted, you just simply get caught up in what’s known as a volume-based attack, where hundreds of thousands of legitimate looking emails are sent out randomly. All it takes is for someone to click a link or open an attachment and that starts the ball rolling.
What is Ransomware?
Essentially, it’s a form of Malware, something that can take over your system and change the way it operates. But its not your everyday type that just sits in the background, collecting data and slowing things down a bit.
Ransomware, once ‘allowed’ access into the system, will literally lock everything. All files etc and if you’re on a network then this spreads within seconds and suddenly whether you have one computer, or 100 of them, the whole company comes to a grinding halt.
The files are encrypted, which means there is only one way of unlocking them and that’s with the correct key/password – naturally this is only known by the attacker.
Ultimately the goal is to ask you for a ransom payment via Bitcoin and once received, they will supposedly unlock your files. This is a huge grey area though, as there’s no guarantee they wont just disappear and leave them locked, or indeed up their ransom even more and get greedy. Those who have had their files unlocked after payment might feel they got lucky (albeit somewhat lighter in the wallet though!) but what they don’t realise is, they get added to a list of ‘easy pickings’ and this is sold on the dark web to thousands of other criminals who will physically target you and try to take advantage.
How can you stop Ransomware?
This isn’t an easy question to answer, as it has many variables. You could have the best security in the world, but they aren’t guaranteed to keep everything out and all it takes is human error, or that one email that makes it through and looks so genuine, it doesn’t hold any suspicion.
Many employers also overlook the fact that attacks can sometimes come from inside the workplace as well, an untrustworthy or ‘angry’ employee might insert an infected USB stick into one of the computers instead. There are so many ways you can become a victim and the best thing you can do is ensure you have all the basics covered. Cyber Essentials does this and we swear by it, however that alone wont protect you 100% and its about staying vigilant, training your staff regularly with cyber security awareness and backing up daily offsite as well – although even that isn’t a silver bullet when it comes to ransomware, as sometimes they sit inside your system for 6 months before releasing any form of attack and suddenly your backed up data is corrupt.
At Southern IT we use state of the art technology that we offer as part of our advanced security services, which can stop a ransomware attack in its tracks and then reverse it. This is ground-breaking and we can confidently say that up to 100% of modern-day threats can be mitigated.
For any further information on our security services, feel free to get in touch. We also have a book that our Managing Director Michael Freeman published called ‘How to prepare for a cyber-attack’ which you might find useful. This can be found here: HERE
For further info on Cyber Essentials, we have various articles in the knowledge centre, feel free to take a look and let us know if you have any questions.