Cyber Security
What Is Ransomware and How Should I Protect My Business?
With more and more business transactions taking place online, it’s vital that you have the correct and preventative measures in place to protect your business from cyber-attacks. One form of cyber-attack that has been on the rise in recent year is ransomware. But what exactly is it?
Ransomware is malware that demands some form of payment from an individual or business in order to recover control of their computer or data. Most commonly, when it comes to personal attacks, the attacker will encrypt personal files on the victim’s computer in a way that means they cannot be opened unless the victim has access to the decryption key. Thus, access to the decryption key is what the attacker wants the victim to pay for. In other cases, such as in a business setting, the attacker may threaten to publicise or leak sensitive information that could be detrimental to business.
A Spike in Ransomware
Based on data from a report by California-based cybersecurity firm, SonicWall, findings revealed that in the first 6 months of 2019, ransomware was on the up. Here are some key findings:
- Ransomware volume was up 15% globally
- Encrypted threats spiked 76%
- IoT malware attacks were up 55%
- Malware attacks across non-standard ports dipped 13%
- With bitcoin value spiking, crypto-jacking volumes were up 9%
What’s more worrying is that the firm reported; “The UK has been the biggest target for ransomware attacks for the first half of 2019 with the number rising 195%, as compared to the 59% reduction in attacks of the same kind in 2018, it has been claimed.”
They went on to say that “Almost half of all infected businesses in the UK now opt for paying the ransom.” This is the main reason that ransomware has spiked. In addition, with more businesses taking out cyber insurance, there is a higher chance that a business will just fall back on their cyber insurance policy and let their insurance provider pay-out, making ransomware a lucrative business for attackers.
High-Profile Attack
In recent cases of ransomware, Travelex is among one of the more high-profile cases. On New Year’s Eve 2019, hackers launched their attack on the Travelex network. As a result, the company took action by taking down its websites across 30 countries to, in their words, contain “the virus and protect data”. The way in which Travelex handled this attack really highlights the importance and need for a good business continuity plan (BCP) should the worst happen.
But despite ransomware being a lucrative venture for hackers, it’s not just large companies like Travelex that are being hit. In relation to this, Simon Bond, CEO of Cyan, says; “Unfortunately, it has become more common for cyber criminals to develop and use sophisticated tools to target the vulnerabilities of smaller businesses.”
“These vulnerabilities are caused due a range of system issues such as technical glitches, unpatched software, or by hardware that hasn’t been configured properly. However, the most common of the vulnerabilities tend to involve employees who use weak or compromised passwords, or inadvertently click on something that opens the business up to an array of issues.”
Glyn Cheesman, IT Security Manager at Cyan, believes many cyber criminals know that SME leaders may not truly understand the impact and importance of cyber security. He goes on to say, “We live in an age where cyberattacks continue to evolve, and of course there is a threat to businesses of all sizes, but it’s particularly more challenging for small to mid-size businesses. It’s therefore critical for companies to understand the risks and work on developing strong risk-mitigation strategies to lessen the devastating impact of cyber threats and attacks.”
How Do I Protect My Business?
The best thing you can do to protect your business and colleagues is to cyber insure your business. Insuring against cybercrime and data risks means you’re protected against new and existing threats, but with cyber insurance, your business will you will also receive help with the practicalities of getting experts to restore systems, recreate data and deal with any demands being made where data is stolen.
Additionally, you can carry out some good business practice to prevent cyber-attacks, which include but are not limited to:
- Ensuring access control is in place. Restricting user access can limit the extent of the encryption to just the data owned by the affected user. Often, employees can have access to data that’s not relevant to their role. Therefore, it’s crucial to re-evaluate the permissions placed on shared network drives regularly in order to prevent the spreading of ransomware. System administrators with high levels of access should always strive to avoid using their admin accounts for email and web browsing.
- Backing up your data. Organisations should ensure that they have thoroughly tested backup solutions in place whether controlled in house or externally. But remember that backed up files should not be accessible by machines that are at risk of encountering ransomware. Remember that backups should not be the only protection you have in place against ransomware; the implementation of adequate security practices will mean not getting ransomware in the first place.
To Pay or Not to Pay: What to Do If You Are Held to Ransom?
The general advice is not to pay if you or your business are held to ransom. However, it is likely that in some cases, insurers will pay out on your behalf depending on the specific circumstances. The reason businesses are advised not to pay out is because there is no guarantee that the attacker will provide the decryption key and/or not sell or publish any company sensitive information.
Almost half of all infected businesses in the UK now opt for paying the ransom, but if you do find yourself in that situation, immediately report the incident to your IT helpdesk. In addition, report the attack to the authorities and your cyber insurance policy provider.
Top Tips to Protect Your Business Against Ransomware
It may not happen, but it’s always better to have preventative measures in place should your business encounter ransomware. There are a few ways to do this, including:
- Implement an incident response plan to help identify, respond and recover from an attack. This will include the steps you plan to take should your business encounter an attack.
- Ensuring there are strong technical and administrative controls in place with security control frameworks.
- A secure and robust Internet connection
- Secure/password-protected devices and software
- Robust access control measures in place
- Updated virus protection software
- Keep your devices and software up to date
For further advice and to discuss implementing robust and secure security measures, get in touch.
Categories
- Case Study
- Charities
- Cloud Computing
- 10 Ways to be More Productive with Microsoft 365
- Cloud Based Services for Business
- Top Cloud Computing Trends
- Myth-busting Cloud Technology
- Technology to Minimise the Disruption Of School Holidays
- Cyan delivers a tailored cloud based solution
- Managing Security With Remote Workers
- What Are The Benefits Of GDPR?
- The biggest risk for data breaches is your employees
- Is your business prepared for bad weather?
- How technology innovation can improve efficiencies for charities
- How internet of things is shaping the workplace of the future
- Does a lack of cloud computing standards compromise its use?
- Common places where SMEs slip-up when using the cloud
- Things to consider before choosing a cloud platform
- Just how secure is the cloud? (Spoiler: Very.)
- Reasons to consider remote working
- Cloud computing terms – what do they even mean?
- Essential time-saving apps for SMEs
- Cyber Security
- “How Strong Is My Password?”
- Industry News Roundup December 2020
- Shocking Cyber Security Stats 2020
- How Staff Accidentally Help Hackers Steal Sensitive Data
- A quick guide to keep personal devices secure
- Three super simple things you can do now to protect your business
- Have You Considered These Risks to Your Business?
- Cyan Approved to Join NCSC Cyber Information Security Partnership (CiSP)
- What Is Cyber Insurance and Does My Business Need It?
- What Is Ransomware and How Should I Protect My Business?
- The End of Life for Windows 7
- What is Cyber Essentials and Why is it Great For Your Business?
- The Cyber Security Basics You Should be Covering Now
- How to Create a Cyber Security Policy for Your Business
- 3 Reasons Businesses Are Still Getting Their Cyber Security Wrong
- Cyber Security Risks You Need to Focus on in 2020
- Cyber Security Services
- Remote and Fully Managed IT Support Tailored To Your Needs
- IT Security Strategy: What You Need to Know
- Essential Recommendations for Business IT Security
- How Often Should You Audit Your Business Cybersecurity?
- Managing Cybersecurity Solutions for SMEs
- Cybercrime Is On The Increase
- Monitoring The Dark Web To Stop Security Breaches Fast
- How to protect your business against phishing scams
- Disaster Recovery
- GDPR
- Myth-busting Cloud Technology
- Using The Cloud For Your Disaster Recovery Strategy
- How to Make Sure Your Staff Don’t Breach Your Data Security
- What Are The Benefits Of GDPR?
- Monitoring The Dark Web To Stop Security Breaches Fast
- The biggest risk for data breaches is your employees
- The Dos And Don’ts Around Consent For GDPR Compliance
- Plan. Create. Maintain for GDPR compliance
- Checklist For GDPR Compliance – Are You Ready?
- The Financial Impact and Gains Of GDPR
- What You Need To Know About GDPR: 6 Key Principles
- How GDPR affects charities
- The Data Protection Law Is Changing: What Does Your Business Need To Do?
- IT Budget
- IT Help Desk
- IT Infrastructure
- The End of Life for Windows 7
- What is a Typical IT Budget for a Small or Midsize Business?
- Digital Transformation Of Social Housing – Top Five Trends
- How and Why You Should Use Scalable Technology Infrastructure
- Driving Business Growth Through IT Infrastructure
- How Cyan Solutions Helped Toto Energy drive rapid Growth
- IT Security
- “How Strong Is My Password?”
- Industry News Roundup August 2020
- Keep devices protected while remote-working
- Have You Considered These Risks to Your Business?
- Cyan Approved to Join NCSC Cyber Information Security Partnership (CiSP)
- What Is Cyber Insurance and Does My Business Need It?
- What Is Ransomware and How Should I Protect My Business?
- The End of Life for Windows 7
- What is Cyber Essentials and Why is it Great For Your Business?
- The Cyber Security Basics You Should be Covering Now
- How to Create a Cyber Security Policy for Your Business
- 3 Reasons Businesses Are Still Getting Their Cyber Security Wrong
- Cyber Security Risks You Need to Focus on in 2020
- Cyber Security Services
- IT Security Strategy: What You Need to Know
- Essential Recommendations for Business IT Security
- How Often Should You Audit Your Business Cybersecurity?
- Managing Cybersecurity Solutions for SMEs
- Top 5 Ways To Avoid Phishing Emails
- Key Technology Trends Impacting the Energy Sector
- Top Benefits of Outsourcing Your IT Requirements
- Using The Cloud For Your Disaster Recovery Strategy
- Managing Security With Remote Workers
- Our Guide To IT Budgeting
- How to Make Sure Your Staff Don’t Breach Your Data Security
- Driving Business Growth Through IT Infrastructure
- Plan. Create. Maintain for GDPR compliance
- Flaw in Intel Chips Puts Millions of Computers At Risk
- Does a lack of cloud computing standards compromise its use?
- 10 basic (but essential) business tech security tips
- Just how secure is the cloud? (Spoiler: Very.)
- Cloud computing terms – what do they even mean?
- Essential time-saving apps for SMEs
- IT Services
- 10 Questions to Ask About Your IT Service Provider in 2020
- Virtual CIO Services
- Cloud Based Services for Business
- What is a Typical IT Budget for a Small or Midsize Business?
- Does Outsourcing Mean IT Cost Reduction
- Tips for Finding the Best IT Consulting Solutions
- Top Benefits of Outsourcing Your IT Requirements
- Cyan delivers a tailored cloud based solution
- What support should you expect from your IT provider
- IT Strategy
- IT Strategy Template 2021
- Why Your Business Needs an IT Strategy
- Why you should be making plans to implement remote working long-term
- Continuity Checklist
- Have You Considered These Risks to Your Business?
- The End of Life for Windows 7
- What to Include in Your IT Strategy in 2020
- What Does Digital Transformation Mean for Your Business in 2020?
- Remote and Fully Managed IT Support Tailored To Your Needs
- Essential Recommendations for Business IT Security
- What is a Typical IT Budget for a Small or Midsize Business?
- Does Outsourcing Mean IT Cost Reduction
- Is Your IT Spending Under Control?
- IT Budget Planning Mistakes You Should Avoid
- What is Your IT Strategy?
- Tips for Finding the Best IT Consulting Solutions
- Embrace New Technology with an IT Transformation Strategy
- Do Your Employees Understand Your IT Business Strategy?
- Digital Transformation Of Social Housing – Top Five Trends
- Top 5 Ways To Avoid Phishing Emails
- Key Technology Trends Impacting the Energy Sector
- Cybercrime Is On The Increase
- Essential Data Back-Up & Disaster Recovery Tips
- Using The Cloud For Your Disaster Recovery Strategy
- Harnessing Technology to Enhance Housing Associations Performance
- Why Your Phone System is an Essential Part of Your Technology Strategy
- Driving Business Growth Through IT Infrastructure
- The Dos And Don’ts Around Consent For GDPR Compliance
- The Importance Of Having A Good Technology Strategy
- Things to consider before choosing a cloud platform
- IT Support
- 10 Questions to Ask About Your IT Service Provider in 2020
- Remote and Fully Managed IT Support Tailored To Your Needs
- What is a Typical IT Budget for a Small or Midsize Business?
- Does Outsourcing Mean IT Cost Reduction
- Tips for Finding the Best IT Consulting Solutions
- Key Technology Trends Impacting the Energy Sector
- Top Benefits of Outsourcing Your IT Requirements
- What support should you expect from your IT provider
- How your customers benefit from using a smart meter
- Microsoft Office 365
- A Day in the Life of a Managing Director
- Industry News Roundup December 2020
- 10 Ways to be More Productive with Microsoft 365
- Digital Transformation Of Social Housing – Top Five Trends
- Key Technology Trends Impacting the Energy Sector
- Top Benefits of Outsourcing Your IT Requirements
- Managing Volunteer Teams Through Good Technology
- Microsoft Office 365: Discounts and Subscriptions for Charities
- How technology innovation can improve efficiencies for charities
- News
- Industry News Roundup December 2020
- Industry News Roundup August 2020
- Industry News for July 2020: Remote Working
- Have You Considered These Risks to Your Business?
- Cyan Approved to Join NCSC Cyber Information Security Partnership (CiSP)
- What Is Cyber Insurance and Does My Business Need It?
- What Is Ransomware and How Should I Protect My Business?
- The End of Life for Windows 7
- What is Cyber Essentials and Why is it Great For Your Business?
- The Cyber Security Basics You Should be Covering Now
- How to Create a Cyber Security Policy for Your Business
- 3 Reasons Businesses Are Still Getting Their Cyber Security Wrong
- Cyber Security Risks You Need to Focus on in 2020
- What to Include in Your IT Strategy in 2020
- 10 Questions to Ask About Your IT Service Provider in 2020
- What Does Digital Transformation Mean for Your Business in 2020?
- IT Security Strategy: What You Need to Know
- Essential Recommendations for Business IT Security
- How Often Should You Audit Your Business Cybersecurity?
- Managing Cybersecurity Solutions for SMEs
- What is a Typical IT Budget for a Small or Midsize Business?
- Does Outsourcing Mean IT Cost Reduction
- Is Your IT Spending Under Control?
- IT Budget Planning Mistakes You Should Avoid
- What is Your IT Strategy?
- Tips for Finding the Best IT Consulting Solutions
- Embrace New Technology with an IT Transformation Strategy
- Do Your Employees Understand Your IT Business Strategy?
- Digital Transformation Of Social Housing – Top Five Trends
- Top 5 Ways To Avoid Phishing Emails
- Key Technology Trends Impacting the Energy Sector
- Top Cloud Computing Trends
- Myth-busting Cloud Technology
- Top Benefits of Outsourcing Your IT Requirements
- How and Why You Should Use Scalable Technology Infrastructure
- Cybercrime Is On The Increase
- Essential Data Back-Up & Disaster Recovery Tips
- Technology to Minimise the Disruption Of School Holidays
- Cyan delivers a tailored cloud based solution
- Using The Cloud For Your Disaster Recovery Strategy
- Managing Security With Remote Workers
- Our Guide To IT Budgeting
- What support should you expect from your IT provider
- How Blockchain Gives Transparency to Charity Spending
- How to Make Sure Your Staff Don’t Breach Your Data Security
- Harnessing Technology to Enhance Housing Associations Performance
- Why Your Phone System is an Essential Part of Your Technology Strategy
- What Are The Benefits Of GDPR?
- Monitoring The Dark Web To Stop Security Breaches Fast
- Driving Business Growth Through IT Infrastructure
- The biggest risk for data breaches is your employees
- Why Use A Virtual CIO?
- Is your business prepared for bad weather?
- The Dos And Don’ts Around Consent For GDPR Compliance
- The Importance Of Having A Good Technology Strategy
- Plan. Create. Maintain for GDPR compliance
- Checklist For GDPR Compliance – Are You Ready?
- The Financial Impact and Gains Of GDPR
- Managing Volunteer Teams Through Good Technology
- What You Need To Know About GDPR: 6 Key Principles
- How GDPR affects charities
- How your customers benefit from using a smart meter
- The Data Protection Law Is Changing: What Does Your Business Need To Do?
- Microsoft Office 365: Discounts and Subscriptions for Charities
- How to protect your business against phishing scams
- Flaw in Intel Chips Puts Millions of Computers At Risk
- What even is a blockchain?
- 7 must-have apps and software that aid remote working
- How Cyan Solutions Helped Toto Energy drive rapid Growth
- How technology innovation can improve efficiencies for charities
- How internet of things is shaping the workplace of the future
- Does a lack of cloud computing standards compromise its use?
- Some of the most innovative applications of VR by businesses we’ve seen so far
- Common places where SMEs slip-up when using the cloud
- Tips to be more mobile friendly
- Cyan delivers sustainable solutions and increases confidence in IT at Sands
- Will AI ever completely replace human customer service?
- 10 basic (but essential) business tech security tips
- Things to consider before choosing a cloud platform
- How artificial intelligence will affect future business
- Just how secure is the cloud? (Spoiler: Very.)
- Reasons to consider remote working
- Cloud computing terms – what do they even mean?
- Essential time-saving apps for SMEs
- Telecommunications
- Virtual CIO
- Virtual CIO Services
- Is Your IT Spending Under Control?
- IT Budget Planning Mistakes You Should Avoid
- What is Your IT Strategy?
- Tips for Finding the Best IT Consulting Solutions
- Embrace New Technology with an IT Transformation Strategy
- Do Your Employees Understand Your IT Business Strategy?
- Driving Business Growth Through IT Infrastructure
- Why Use A Virtual CIO?