In 2019, a business will fall victim to a ransomware attack every 14 seconds according to the Official Annual Cybercrime Report, with predictions that cybercrime will cost the world in excess of $6 trillion annually by 2021.
There are many different types of ransomware but the nature of each remains the same – they demand a ransom payment in exchange for the release of your computer system or data.
Ransomware is a type of malicious software that blocks access to your data by running an encryption program that makes it unreadable without a decryption key that the hacker holds. The hacker then demands a ransom, paid in digital currency, in exchange for the decryption key needed to unscramble your data files.
How do they achieve this?
The most common way hackers take control of your computer is through an email phishing attack, tricking the user into opening a file they believe they can trust. The hacker may pose as a senior member of staff, using social engineering based on LinkedIn and Facebook profiles, so that the user opens the file, which downloads the malicious payload inside the company network. More aggressive forms of hacking also happen, where the criminal finds holes in your cyber security system (vulnerabilities and exploits) and takes over your computer. It is therefore crucial to have a security system in place and to install regular updates to it, as these will protect your computer systems from being broken into via pre-existing vulnerabilities and exploits in the operating system.
What would be the impact on your business?
Only 4% of businesses say they’re confident they would know what to do in the event of a ransomware attack. Paying the ransom can have a significant impact on your business with attackers asking for thousands to unlock your data. You then become a target for repeat attacks, as the criminals know that you will pay. Another impact on your business would be the potential fine for the breach of client data under GDPR legislation, and the impact such an attack would have on the reputation of your business. You could also permanently lose information crucial for the running of your business.
What can you do about ransomware attacks?
The common thread through all the reported cases of ransomware is that most cyber-attacks and data breaches are avoidable.
To avoid becoming the next victim of a ransomware attack or data breach, make sure your security systems are up to date and that robust backup procedures are in place to minimise disruption to your business should the worst happen.
Your software should be regularly reviewed, with an IT policy in place that addresses whether staff can download and install new software onto your system, as unauthorised software can silently copy your customers' data without you even knowing. Educate yourself (and your employees) on how to detect email phishing, suspicious websites and other scams, and exercise common sense. If it seems suspect, it probably is.
We’re an official partner of ThreatLocker, which offers protection against malware, viruses and other security threats through a ZeroTrust model, where only authorised programs can run and access company data. Our comprehensive approach will ensure that everything that could threaten your business IT system is blocked, and we can help you control who can access your data and which software is running in your business.