- Products & Solutions
- Access choices
- Application performance management
- Internet services
- IP address management
- Managed network services
- Virtual Private Network Services
- Network services solutions
- Business technology services
- CRM professional services
- IT professional services
- Network professional services
- Unified communications professional services
- Field force automation
- Flexible working services
- Managed mobility services
- Secure remote access
- Telecom expense management
- Mobility solutions
- Why BT
We are proud that our work is recognized time and again by customers, analysts and professional organizations.
Learn how organizations just like yours get better when they work with us.
Innovation is at the heart of BT’s business.
Catch up on the thoughts and opinions of our experts in our blog.
Explore and debate the big issues with us as we bring together the latest insight on the hottest IT trends.
How we put our customer first.
- About us
We’re well placed to be your trusted partner as you digitally transform your business.
Where the exchange of fresh ideas and information gets up close and personal.
Meet Luis Alvarez, CEO, Global Services and the rest of his leadership team.
- My Account
26 July 2016
Blogs by author: Global Services , We’re a leading global business communications provider
Discover the latest threat to your cyber security — and how to deal with it.
A bad way to start the day.
Imagine turning on your computer to find that, instead of your usual desktop, you’ve got a note. The note says something along the lines of: “All of your files have been encrypted. You have one day to pay £400 for the decryption key.” Then a timer starts. And as the day ticks away, the price shoots up.
Sounds horrible, doesn’t it? Well, unfortunately, this is the reality for anyone whose computer is infected with ransomware.
What is ransomware?
Ransomware usually comes in the form of malware. This can get into your computer in a number of ways; typical means of infection include downloading the software from visiting malicious or compromised websites, being duped into opening spam mail or through software vulnerabilities.
The idea behind the scam is that the ransomware encrypts as much of your data as it can, before attempting to make you pay for a way to decrypt it. It’s basically holding your data for ransom. Of course there’s no guarantee that paying the criminals involved will actually free your data — they may well just ask for more money.
And there are other types of ransomware that could affect you. One other common attack is a ransomware DDoS — where cyber criminals try to extort money from you, under the threat of DDoS attack.
This is not a new problem (the earliest ransomware was recorded in 1989), but it has evolved and grown over the years. On 16 February 2016, for example, 500,000 people were targeted in ransomware attacks.
What does this mean for business?
Don’t be fooled into thinking that this is simply a consumer problem. Criminals target businesses, too. In fact, healthcare has become a prominent target. Just recently, US hospital Hollywood Presbyterian Medical Centre was attacked with ransomware, which encrypted all the patient records. This resulted in hospital staff resorting to pen, paper and fax, the redirecting of ambulances to other hospitals and the cancelation or delay of medical procedures.
In the end, the hospital paid out a $17,000 ransom, which, of course, only encouraged the criminals to launch further attacks.
How to protect yourself.
Thankfully, there are actions you can take to secure your business against ransomware attacks. Or, more accurately, there are nine things you can do to stay secure:
- Encourage the use of strong passwords by users.
- Minimise the number of users who have administrator rights on their local desktop.
- Make sure all local desktops have unique administrator passwords.
- Disable the use of macros loading in Office programs; macro loading through group policy settings should also be disabled.
- Keep all software up-to-date.
- Encourage two-factor authentication.
- Identify if JBoss servers are present on the estate and determine if they are vulnerable.
- Implement an intrusion detection system or intrusion prevention system; this will help detect and protect.
- Educate users on the dangers of ransomware.
While nothing could guarantee you 100 per cent security, following these nine tips is a strong start to any mitigation strategy.
Remember: ransomware is on the rise, and doing nothing to protect yourself is not an option.
If you want more advice on keeping your business secure, or want help from our cyber security experts, then take a look at our security page.
And, discover the darker side of Bitcoin by registering for our panel discussion on ransomware and cyber crime with Palo Alto Networks on 27 July.