What is ransomware?
Ransomware is defined as ‘a type of malicious software designed to block access to a computer system until a sum of money is paid.’ If you are targeted by a ransomware attack then typically your computer will become locked and/or your data could be stolen, deleted or encrypted. An anonymous request for money will then be sent asking you to pay a ransom in return for access to your data. However, there is no guarantee that you will regain access if you pay the ransom.
Some ransomware attacks can also spread to other computers on your network, affecting your whole system.
Ransomware attacks are becoming a common technique used by cyber criminals to target businesses and their IT systems in a bid to obtain money.
How are ransomware attacks distributed?
Common techniques used by cyber criminals to deploy ransomware cyber-attacks include:
- Phishing emails – aimed at tricking individuals into clicking a link or opening a file containing malicious software, which can then distribute ransomware on to a computer or across your network
- Remote Desktop Protocol (RDP) – This technology allows IT administrators to securely access a user’s computer remotely. Cyber criminals have been known to hack these systems and gain access to a computer, allowing them to deploy ransomware
- USB and removable media – Criminals can distribute USB devices which contain malicious software. Once opened, they can deploy ransomware to your computer
Are ransomware attacks on the rise?
In short, yes. There is plenty of data out there which suggests ransomware attacks are on the rise. Figures from CyberEdge suggest the number of ransomware attacks has been increasing every year since 2017.
And it seems that the COVID-19 pandemic is also contributing to this rise in ransomware attacks as cyber criminals look to take advantage of:
- Changes to the way businesses operate
- The rapid increase in the numbers of those working from home
- People’s concerns about the virus, which they tap into as a way to successfully deploy ransomware through phishing emails.
In 2017 the WannaCry ransomware attack spread across the world and was one of the first ransomware attacks believed to be a coordinated cyber-attack. It affected the NHS in England and Scotland along with countless other businesses and organisations. A high-profile ransomware attack hit global aluminium producer Norsk Hydro in 2019. And in just the last few days there have been reports of an increase in the number of ransomware attacks targeting universities.
The high-profile attacks are just the tip of the iceberg: businesses are falling victim to ransomware attacks every day across the world.
How to protect your business from a ransomware attack
There are many ways that you can protect your business from a ransomware attack.
Data Backups
One of the most important steps in protecting your business from a ransomware attack is having a full backup of your data. Having an up-to-date backup of all of your data can allow you to better recover from the impact of a ransomware attack, as it can help limit data or system loss.
Amongst other things, backups should:
- Be performed regularly
- Include an offline backup which is stored separately from your network and systems
- Include multiple backups stored using different backup solutions
- Be scanned for malware before being used to restore your files
Another important step is to prevent ransomware malware from being distributed in the first place:
- Have anti-virus and anti-malware software in place
- Make sure all software and operating systems are updated and any patches applied
- Limit the use of USBs and other removable media, as well as the use of personal devices within your network
- Staff training is also vital. Make sure your staff are trained to understand the risks of a cyber-attack and how to spot the common techniques used to distribute a ransomware attack. Ensure all staff take responsibility for protecting your business and feel able to question something if it doesn’t seem right.
The National Cyber Security Centre have produced this guide to mitigating malware and ransomware attacks and it is certainly worth a read if you are looking at ways to protect your business from a ransomware attack.
The value of cyber insurance in protecting against a ransomware attack
Cyber-attacks are on the rise, and businesses of all sizes are at risk – it is not something which only impacts big business. Small and medium sized businesses are thought to be just as at risk of a cyber-attack, if not more so.
Yet according to figures from the ABI published in 2019, it is thought that only 11% of businesses have a specific cyber insurance policy. Or to put it the other way – 89% of businesses do not have specific cyber insurance in place. Yet the risk is high, and a cyber-attack can cost businesses significant amounts of money as well as untold reputational damage.
Whilst all policies are different, and you need to check the exact cover you are buying, cyber insurance typically provides wide ranging cover.
And cyber insurance can provide much needed business support in the wake of a cyber-attack, as well as cover for the financial impacts of an attack.
Areas a cyber insurance policy can provide cover for which may be relevant to a ransomware attack include:
- Ransomware and extortion – covering ransom costs and providing support to manage the situation, as well as cover to restore system security
- Cyber business interruption – compensating your business for any losses incurred if your business has to temporarily shut because your systems are hacked or compromised by a cyber-attack
- The costs of undertaking investigations into causes of the attack as well as identifying where fixes are required to restore security
- Costs of regulatory investigations which may arise from data losses
If your business doesn’t have cyber insurance yet, at Anthony Jones we would ask you why not? We would strongly advise all businesses with any reliance on systems and data, to consider protecting their online business. And to treat this with the same level of importance as covering tangible assets – if not more so. The risk of cybercrime is real and is not one that is going away. Get in touch with us today on 0208 290 9080 or email us at firstname.lastname@example.org.