Threats of ransomware are on the rise
Ransomware gangs are among the big winners from Covid-19. The novel coronavirus provided them with a massive opportunity to attack vulnerable companies and supply chains, thanks in no small part to employees taking their work home without sufficient digital defences.
But what is ransomware? Should you pay the ransom if you are attacked? And how can you avoid being a victim?
Understanding the basics of ransomware
A ransomware attack happens when hackers infiltrate systems, encrypt data and demand a ransom in return for the decryption key and access to the data again. Alternatively, hackers may claim to have stolen confidential data and threaten to publish it unless a ransom is paid. Ransoms are paid in cryptocurrency, usually bitcoin, largely due to the anonymity of crypto. Ransomware typically gets into organisations through phishing emails, where staff click on an infected link and download the malware.
Alternatively, attackers can exploit vulnerabilities in software or use stolen Remote Desktop Protocol credentials to access networks and infect computers. For more detail on phishing attacks, please see our previous blog.
Should I pay?
So what do you do if you become the victim of such an attack and get a ransom request to get access to your data again, or stop the hackers publishing confidential information?
The official advice from the police and government is not to pay. They argue that there is no guarantee you will get your data back or that hackers won’t publish data anyway. You will likely be funding other illegal activity. Furthermore, you would be encouraging further attacks, both on your own organisation and on others. As long as it is profitable for the attackers, the problem will only continue to escalate.
However, victims will usually be more focused on resolving their immediate crisis. Paying ransoms is not illegal and may well be cheaper than the cost of systems being down for a long period or having to rebuild systems. As a result, many companies do pay up, although there are no figures for how many do so. The UK’s National Cyber Security Centre (NCSC) said it had recorded 777 cyber incidents over the previous year, up from 723 in 2020.
The value of preparation and prevention
The best course of action for businesses is to avoid falling victim to an attack in the first place. Most attacks come via relatively unsophisticated methods, such as phishing emails, compromised credentials and unpatched systems. So training staff properly is an essential starting point for reducing the risks. A ransomware attack can start with one person inadvertently clicking on a link, so every team member needs to be cyber aware and responsible.
There has never been a better time to start a career in cyber security. Find out more about how to prevent cyber security threats and begin your career in IT with our job-ready Cyber Security Practical Experience Programme from IT Certify.