You see in the news almost every other day that another government, organisation or charity across the globe has given in to pay yet another cyber criminals ransom request…
for the decryption key to save their data (a cyber-attack known as Ransomware), an increasing risk to the world we live in today caused by problems that can be avoided with Security software, Cyber Awareness Training, Patching outdated systems, Security policies and Principle of least privilege (POLP).
For those that don’t know a great deal about Ransomware the computer virus, here is some information for you; Ransomware is a computer virus which encrypts all of the files on the computer using 256-bit encryption and withholds the decryption key unless you pay a ransom request which is decided by the cyber criminal behind the attack, this could be anywhere between £100.00 – 50,000.00+. The ransom is also not payable by your typical debit or credit card, the payment must be paid in Bitcoin which is an untraceable digital currency used mainly in The Dark Web (Tor network).
This is what a common Ransomware attack looks like:
The attack can come from multiple sources and cyber criminals are actively becoming more creative in their approach to infiltrate corporations to ultimately profit from Ransomware, the most common approach is sending the deadly virus in an email attachment disguised as a typical file such as a PDF, Word document etc. You will usually see these files have macros enabled which allows for code to run on when the file is opened which is where the attack will begin, this is where some of the protocols mentioned above come into play. Security software should act to stop the virus before it has the chance to run any malicious code, Cyber Awareness Training teaches your users to not open any attachments that look suspicious or are unexpected, Security policies such as email quarantine systems should catch the email before it even hits the user and Principle of least privilege (POLP) will ensure that should the virus infect the users machine they are limited in what they can access on the network.
Increasing reports from all over the world continue to pour in relating to Ransomware attacks, so fast that the predicted frequency for Ransomware attacks on business in 2019 is every 14 seconds! Down from 40 seconds in 2016. Below are some interesting statistics provided by Delta Risk.
Approaching this issue from an IT point of view can be heavily dependant on the nature of the company, the security budget you may have and the level of technical ability within the organisation. For instance, different security measures need to be in place for a company with employees travelling to different offices across the UK than for a company whose employees all work in the same office and don’t have the need to travel. We also tend to see a lot of companies that have been hit by Ransomware increase their IT Security budget by 300%+ on average after the attack, whereas the issue could have been prevented completely if this wasn’t neglected prior to the attack, regardless of organisation size the ransom will still be expected to be paid in full. Battling the common threats in cyber space can include up skilling your security teams with additional IT Certifications such as the Comp TIA Security+ cert.