Ransomware attacks: how bad will they really get?

A pandemic of a different variety is now plaguing businesses globally – ransomware attacks executed by sophisticated cyber criminals on both institutions and businesses alike.

Previously thought to only be the problem of large corporates or government bodies, no company is now safe from the ongoing threat that this type of attack poses.

In fact, according to IT Pro Portal, businesses in the UK each faced 686,961 breaches to their systems in 2020, with the Atlas VPN team also reporting that in the first half of 2021, ransomware attacks globally were up by 151% when compared to the previous period.

And, with online fraudsters only set to become more and more advanced, the forecast is bleak when it comes to the malware scourge.

But what is ransomware?

Ransomware is a piece of malicious software that, when installed on a computer or network, can effectively hold the owner of that system to ‘ransom’, as it blocks their ability to access it until a fee is paid to unlock it.

Typically, this type of software is installed unknowingly by an organisation’s employee, via phishing emails or via drive-by downloading, which is when a user visits a compromised website – often unwittingly – resulting in malware being downloaded and installed without their knowledge.

An alert will often show stating that they must pay a ‘ransom’ – and the fear and panic that ensues is what these cyber criminals use to get their victims to pay up.

So how can I avoid it?

It’s now that case that it’s not ‘if’ an attack will happen, but a question of ‘when’, so it’s important to take steps to both mitigate the risk — and have a plan in place to avert disaster should the worst happen.

We advise all businesses to:

1. Make regular back-ups
   Backing up your data and storing it at a separate, secure location means that if an attack occurs, you won’t have to pay the ransom to access your information. Ensure that you know how to restore your records and regularly test that it’s working as expected.
   
   
2. Take steps to prevent malware being downloaded and installed
   There are many ways to go about this, including educating colleagues on how to avoid phishing emails and installing mail filters, blocking websites that are known to be malicious, and ensuring all cyber security software is consistently updated.
   
   It’s also important to manage user permissions correctly and practice good asset management – as well as keeping devices patched. Centrally managing devices so that only permitted applications can be run is key to preventing installation in the case that a malicious file has been downloaded.
   
   
3. Plan for an attack
   If your organisation is subject to a ransomware situation, there are steps you can take to limit the impact. This includes disconnecting infected devices as quickly as possible, disabling core network connections if necessary, and resetting all log-in credentials across the board. Furthermore, check that your back-up has not been compromised.
   
   You can then safely wipe infected devices and reinstall the operating system, connect to a clean network and install and update anti-virus software. Once you are certain the device (and your back-up) is free from malware, you can reconnect to the main network and monitor for any further suspicious network activity.

There are more ways that a business can protect itself from an attack, and the advancement of anti-virus software – particularly in the field of artificial intelligence – will help to keep online criminals at bay. At Central, we’re experts in cyber security, and can take a holistic approach to your systems and people to minimise the risk of a ransomware attack.