Chillingly, bearing in mind the events of the last few days particularly involving many NHS trusts, the report also warned that the threat from ransomware was not only growing, but evolving to allow hackers to target vulnerable organisations.
In a further twist, the increasing sophistication of the attacks can enable the coders behind the incursions to survey network systems to choose the most critical assets to lock down and to increase their ransom demands based on the value of files they encrypt.
The study also found that hacks and malware accounted for 40% of data breaches at financial institutions in 2016, up from 27% in 2015. Here too the incidence of unintended disclosure, primarily owing to misdirected emails, rose, rising from last year's tally by four percent – to 28% of breaches in 2016 from 24% in 2015.
Simon Pell, founder of Wardour Secure Networks, is no stranger to Ransomware attacks and has been approached by several bereft companies after their entire systems had been encrypted. Simon says, “nobody recommends that anyone pay the ‘ransom’ to get their files back but often people are so desperate to try and retrieve many years of work or personal folders that they will pay – and the criminals know this, which is why Ransomware is growing and evolving so fast.
“Of course, the best thing to do is make sure that you cannot become infected and that is by having the right Anti-virus protection. Only around 30% of Anti-malware software was able to stop the latest Ransomware attack and the vast majority of current infections are happening on systems ‘protected’ by sub standard programmes”.
Simon adds, “It is very important that you have some good anti-virus software installed on your computers and servers to keep this threat at bay. The cost of anti virus protection against the damage a virus or ransomware could do is incredibly small and yet companies still try to get by. This is a false economy and the small initial cost far outweighs the loss you or your company would suffer should its systems be brought down by a virus.
“The second-best way of dealing with the threat is to make sure there isn’t actually a threat at all by having a robust back up plan in place. Not only backup BUT it has to be working. There is no point in having a backup to then discover you can’t restore your files or device. Why would you pay a ransom on files on which you already have full back ups?”
Remember there is a huge difference between a backup solution and using storage such as Dropbox or One Drive. If you use these and you get infected anyone who has the files shared can potentially infect the other users sharing those files. While these solutions are excellent storage for sharing files they still need to be backed up – Can your backup do this?
Simon has listed some key points which everyone - individuals and businesses - can do to protect themselves against the threat of Ransomware -
- Have a current, working backup strategy
- Have a good quality Anti-virus programme
- Always use legal software and avoid pirated copies
- Keep your operating system Up to Date and if the software offers an automatic update option, TAKE IT! (if unsure ask)
- Beware of click bait stories on the internet
- Be cautious when using free WiFi from coffee shops and bars, free might actually cost you more than you think.
- Lastly, never open suspicious email or attachments
Most viruses and Ransomware will infect systems via email attachments or infected websites.
Cyber criminals like to make use of social media platforms of the accounts of your friends, family, or colleagues to send you malicious links masked as harmless ones. Do not to open ANY email attachments from addresses you don't know. If it appears from someone you do know, it is best to check with that person first if you have your suspicions.
Also, beware of fake emails appearing as online banks, HMRC etc. These are likely to include malware-ridden links in order to release it into your system to seize control of it. This process is called Phishing. Remember HMRC DO NOT send emails, most banks DO NOT send emails, if it’s too good to be true it’s probably not true.
Whatever happens, this threat is not going away and new infections – and probably cleverer ones – will occur. Be aware, be smart and keep up to date with these type of threats... or find a good IT company to do it for you. Think what your family photos are worth to you or all the hard work you’ve put into building that business over the last few years? If you don’t spend time and probably money protecting yourself properly now, then the alternative can be very costly indeed - in more ways than one.
For further information contact Simon Pell at Wardour Secure Networks: