Ransomware still seems to be flavour of the month for cyber criminals. UK businesses face 38 new variants a day, according to one security firm – over 2,500 already this year. No sooner has one crisis passed, like last year’s Wannacry ransomware attacks affecting over a third of the England’s NHS trusts, than variants begin creating havoc again.
What is Ransomware and How Does It Work?
On one level, ransomware is quite a specific type of threat: malicious software is used to encrypt an individual’s or business’ files. Sometimes, instead, the software threatens to publish the data on the Internet (“leakware”). A demand (usually a message delivered by the software) follows asking for a ransom, in exchange for which the victim is promised a digital key to unencrypt or secure their data.
The temptation to pay is strong. In an increasingly technology dependent world, many businesses simply can’t operate without access to key data. Furthermore, as Wannacry showed, the growth of the Internet of things and connected devices means ransomware can lock businesses out from not just their data, but also their equipment. Wannacry rendered medical equipment such as MRI scanners and blood testing devices effectively useless at some hospitals.
Whether paying is the right thing to do is another question: According to one recent report, less than half of ransomware victims who pay actually get their files back. Paying up also encourages more attacks, say some.
Better Than a Cure: How to Prevent Malware
The debate on whether to pay or not is a distraction from the more important question of how to prevent infection in the first place, though.
Because, while ransomware may be a specific type of malware, it is still just malware. It usually gets in the same way as any normal virus: staff inadvisably opening an email attachment, clicking on the wrong link on a website or plugging in an infected USB stick. It shouldn’t be a shock that the investigation into the Wannacry attacks last year found they could have been prevented.
At Intersys we strongly advise following a robust prevention strategy. Here is our five point checklist of what to do to prevent a Ransomware attack.
- Invest in staff training – everyone with access to a computer must be made aware of the dangers
- Use enterprise grade security – devices which inspect all traffic passing across your network have a higher chance of preventing a breach
- Use multiple levels of anti-malware and anti-virus
- Get an IT security expert to check your controls, working practices and network configuration
- Improve your general security by choosing unique passwords and two factor authentication.
Good data hygiene, up-to-date security and good training for staff go a long way to help prevent malware. And – when prevention isn’t always possible – good, regular backups provide the best mitigation.
After all, if you ever do find yourself having to ask whether it’s worth paying up in the event of a ransomware attack, you want to make sure you have some sort of alternative.
For more IT security advice, just get in touch to discuss your needs.