Held to Ransom – Coming to a small business near you
There are hundreds of successful ransomware attacks daily where critical data has been encrypted and a ransom demanded. As data owners we need to protect our information and avoid being held to ransom.
Ransomware is a type of malware that is usually distributed via phishing emails. Unsuspecting users are hit with malware in an email attachment or redirected to a website where the malware is downloaded and runs. Some websites have malware stored and a simple visit to such a website is enough to infect your computer. UK has the highest number of ransomware infections in Europe.
When executed, the malware application will encrypt data on the user’s network so that it cannot be accessed. This includes all other PC’s on the network and any fileserver. Such attacks used to be aimed at large corporations such as Sony and BA. These organisations have a dedicated IT security team and a lot of resources to tackle the issue. Now IT security and vulnerability is everyone’s concern because the cyber criminal is targeting at smaller businesses who rely on their data and don’t have a dedicated IT security team. Take the example of a small accountants that has ten employees – they were hit by ransomware and one by one, each users screen showed the message like the one in the image above. The price to unlock their data was £8,000. They couldn’t afford to loose their customers data and have ten employees out of action. Fortunately, they had a full cloud backup of their data and Cyber Insurance. Their Cyber Insurance, covered the loss incurred for the downtime and the cost of recovery. Did the business fail? No, thanks to their cloud backup and cyber-insurance, they closed for 4 days, whilst all data was restored from backup and the cyber-insurance paid for the cost and the downtime
Was there more that they could have done? Yes, they used Windows included anti-virus solution alone. By using specialist Antivirus, Malware protection and Active monitoring it is very likely they would not have been vulnerable to the attack.. Our IT security package includes all of these and makes sure that all of your computers are patched up to date. From our central control panel, we push updates to your PC’s and check the status of software installed on each PC. The ransomware mentioned above, arrived via email and they were using emails delivered via a well known hosting/Internet business. If they had been using our Secure Business Email service, the messages are scanned and filtered on the fly which would have stopped it reaching the user. Our Zimbra exchange email service uses over 1 billion points of reference live to remove malware, ransomware and spam.
Small businesses are targeted by Cyber Criminals because they usually can’t afford any downtime. They are vulnerable because they create their IT infrastructure by adding devices as they grow without the professional awareness of IT security. This has become increasingly the case as many organisations allow Bring Your Own Devices (BYOD) and rely on individual users to protect their own IT equipment. Frequently, mobile phones, laptops and tablets have either no IT security software or use freeware.
Our vulnerability scanner detects any points of entry to your network and identifies where ransomware and malware can gain access. Once we have identified any weaknesses in a network we provide the solutions and protection to make your network robust and secure. This is usually via our IT security software products and firewall solutions. If you would like a no obligation vulnerability scan and report, call us on (01244) 457870.
Prevent Ransomware
The first step in preventing ransomware is to make sure that your emails are safe. Our Secure Business Email Service uses effective spam and phishing removal. It uses the collective intelligence of over 1 billion spam-reporting sources all working in real time so that new threats or spam emails are very quickly identified and trapped. There are also layers of protection to block unwanted emails. You can manually add addresses to your own block list. If possible, it is a good idea to block free email accounts such as Gmail, Hotmail and Yahoo as they are frequently used to send phishing and spam messages. Cybercriminals will never use their own domain as this will require payment which leave a traceable path back to them.
Only open messages from people that you are expecting messages from. Most emails are generally from people that you do business with and have an on-going relationship with. If you receive an email from a new recipient, that you were not expecting – exercise caution. Don’t open attachments from the new recipient without carrying out checks. If possible, speak to the person and check that they sent the email and that the attachment is legitimate.
Always have an up-to-date antivirus and firewall application on each computer and server. Do not rely on the Windows system firewall and protection. Our IT Security antivirus, malware protection and active monitoring makes sure that your system has all of the latest security patches and protection. We initiate virus and malware scans remotely as well as instigating Windows security updates. This makes sure that you computer(s) are protected. The browser protection mode ensures that you don’t open a web location that is infected with malware.
Data Backups are your best weapon
The best way of preventing being held to ransom is to have a backup of your critical data. No matter what happens to your data, if you have regular backups, you can recover from any incident – you are not held to ransom. The backups should be on a secure cloud server and not directly attached to your computer or network. If you have an external hard drive or NAS storage connected, this will be attacked by the ransomware. Depending on budget and dependence on your data, it is best to have several full data backup sets stored. You should also test that you are able to recover the data successfully. By doing a recovery test, you are making sure that the data is sound and you are practising the procedure.
If you need help or would like to discuss your IT Security, please contact us on (01244) 457870.
Sensible IT security does not need to cost the earth. Having peace of mind and a well protected business costs less than you might think.