Our blog

How to avoid being held for ransom

k

26 July 2016

Global Services

Blogs by author:  Global Services , We’re a leading global business communications provider

LinkedInTwitterYouTubeSlideshare

Discover the latest threat to your cyber security — and how to deal with it.

A bad way to start the day.

Imagine turning on your computer to find that, instead of your usual desktop, you’ve got a note. The note says something along the lines of: “All of your files have been encrypted. You have one day to pay £400 for the decryption key.” Then a timer starts. And as the day ticks away, the price shoots up.

Sounds horrible, doesn’t it? Well, unfortunately, this is the reality for anyone whose computer is infected with ransomware.

What is ransomware?

Ransomware usually comes in the form of malware. This can get into your computer in a number of ways; typical means of infection include downloading the software from visiting malicious or compromised websites, being duped into opening spam mail or through software vulnerabilities.

The idea behind the scam is that the ransomware encrypts as much of your data as it can, before attempting to make you pay for a way to decrypt it. It’s basically holding your data for ransom. Of course there’s no guarantee that paying the criminals involved will actually free your data — they may well just ask for more money.

And there are other types of ransomware that could affect you. One other common attack is a ransomware DDoS — where cyber criminals try to extort money from you, under the threat of DDoS attack.

This is not a new problem (the earliest ransomware was recorded in 1989), but it has evolved and grown over the years. On 16 February 2016, for example, 500,000 people were targeted in ransomware attacks.

What does this mean for business?

Don’t be fooled into thinking that this is simply a consumer problem. Criminals target businesses, too. In fact, healthcare has become a prominent target. Just recently, US hospital Hollywood Presbyterian Medical Centre was attacked with ransomware, which encrypted all the patient records. This resulted in hospital staff resorting to pen, paper and fax, the redirecting of ambulances to other hospitals and the cancelation or delay of medical procedures.

In the end, the hospital paid out a $17,000 ransom, which, of course, only encouraged the criminals to launch further attacks.

How to protect yourself.

Thankfully, there are actions you can take to secure your business against ransomware attacks. Or, more accurately, there are nine things you can do to stay secure:

  • Encourage the use of strong passwords by users.
  • Minimise the number of users who have administrator rights on their local desktop.
  • Make sure all local desktops have unique administrator passwords.
  • Disable the use of macros loading in Office programs; macro loading through group policy settings should also be disabled.
  • Keep all software up-to-date.
  • Encourage two-factor authentication.
  • Identify if JBoss servers are present on the estate and determine if they are vulnerable.
  • Implement an intrusion detection system or intrusion prevention system; this will help detect and protect.
  • Educate users on the dangers of ransomware.

While nothing could guarantee you 100 per cent security, following these nine tips is a strong start to any mitigation strategy.

Remember: ransomware is on the rise, and doing nothing to protect yourself is not an option.

If you want more advice on keeping your business secure, or want help from our cyber security experts, then take a look at our security page.

WannaCry Ransomware  - listen to Mark Hughes, President of BT Security and Les Anderson, VP, Cyber and CSO, at BT, explain more about what’s happened.

Our report with KPMG, Taking the Offensive – Disrupting Cyber Crime, gives you a detailed view of the current threat landscape, and practical steps your business can take to stay secure in the face of organised criminal entrepreneurs.