Spare a thought for the owners of a British company who logged in to their systems one morning in early February to discover that none of their files and systems were accessible. Instead, there was a message telling them that they needed to pay a ransom in Bitcoin in order to access a key that would unlock their computer systems.
After a few attempts at getting around the ransomware problem, the unnamed company paid up and was relieved to get their business back online. But that’s not the end of the story… according to CPO Magazine, “the same ransomware gang struck again within two weeks, demanding another payment.”
It’s a sad, cautionary tale and unfortunately, it happens all too often.
A lack of effective cybersecurity can leave your organization wide open to a ransomware attack. And with nearly half of all the small and medium-sized businesses in the UK suffering some kind of an attempted hack over a year period, you are gambling with your future without effective cybersecurity.
A ransomware attack usually begins with malware, which is malicious software that has been snuck onto a computer, usually through a successful phishing attempt.
What is ransomware? According to the National Cyber Security Centre (NCSC), it’s “a type of malware that prevents you from accessing your computer (or the data that is stored on it). The computer itself may become locked, or the data on it might be stolen, deleted or encrypted.” Another variant occurs when hackers access data that they think might be harmful or embarrassing on your computer and they threaten to publish it unless you pay a ransom.
What usually happens is that the victim is contacted via an anonymous email address, and a payment is demanded through a hard-to-trace cryptocurrency such as bitcoin. There is lots of debate around whether victims should pay up but the sad fact is that often they simply have no other options.
The best way to combat a ransomware attack is through comprehensive cybersecurity. The NCSC recommends ‘layers of defense with several mitigations at each layer. You'll have more opportunities to detect malware, and then stop it before it causes real harm to your organization. You should assume that some malware will infiltrate your organization, so you can take steps to limit the impact this would cause, and speed up your response.’
Making backups of your most important files that are kept in a separate offline location is vital. Furthermore, you need to make sure you know how to restore files from a backup, and that you scan those backups for malware before you reload them into your system.
If you would like to make sure your company is secured from ransomware, then get in touch with 2SEC today.