Ransomware Attacks: What Would You Do?
Mon, 19 Aug 2019 14:47
Organisations across the globe continue to grapple with the threat posed by ransomware attacks. This year, there has been a barrage of ransomware attacks on unsuspecting businesses and local authorities across the world. From the UK to Johannesburg, from global aluminium manufacturers to local authority in Florida, hackers are sparing no one - using ransomware to target organisations globally.
What are ransomware attacks and what would you do if you were caught up in one? We look at what other businesses have done when faced with the situation and the lessons you can learn.
What is a Ransomware Attack?
Ransomware is a type of malicious software, or malware, which first gains access to your system and then uses encryption to lock the computer data. The goal is to illegally take control of systems and destabilise business operations to extort money from the business.
Hackers are known to use a range of tactics, including phishing, to gain access to systems. Once in, it's only a matter of time before data and systems are compromised and users find themselves locked out.
Some of the common attempts of introducing ransomware are by getting the user to click a link in an email, a text message, or social media post. On clicking the link, the ransomware gets downloaded to the system and can also spread throughout the user's network, encrypting all files and systems and rendering them inaccessible until the hackers' demands are met.
What is the Impact on Businesses?
The aim of a ransomware attack is usually extortion. Ransomware blocks access to critical files or applications with hackers demanding that users pay up to regain access. And, while in some cases it's clear to users that they're being held to ransom, messages often appear to come from governments, law enforcement, or even your own technical team. Unsuspecting employees unknowingly walk into a meticulously set up trap, rendering the organisation at the mercy of cybercriminals.
Hackers purposefully attack businesses and local authorities for whom continuity is critical, so they'll quickly pay off hackers through cryptocurrency (such as Bitcoin).
To Pay or Not to Pay?
Falling victim to ransomware puts businesses in a dilemma - should you pay the cybercriminals or not? Bear in mind that there are no guarantees that access will be restored if you did pay up. And if you decide to not pay, going public will most likely hit your finances.
Earlier this year, hackers targeted Norsk Hydro through a ransomware attack affecting 22,000 computers across 170 different sites in 40 different countries. Despite taking a big hit, the global aluminium producer decided not to pay up. Instead, they started from scratch, with the entire workforce, including some who had long retired, working together to get systems back up and running. It has cost them £45m so far and they are still months away from making a full recovery.
It has affected their reputation but in a good way. Law enforcement agencies and information security industry have lauded Norsk Hydro for their response, describing it as "the gold standard". Not only did Norsk Hydro refuse to pay the cybercriminals but they have been completely transparent about what happened to them.
As summed up by Norsk Hydro's chief information officer, Jo De Vliegher, the most compelling case for not paying up is that there's no telling what that ransom will be used for and it may be used to fund all sorts of crimes, further stimulating the cybercrime industry.
In contrast, two local authorities in Florida, Riviera Beach and Lake City, were targeted in separate ransomware attacks and did pay up to get services back up and running. In both cases, local authorities paid off hackers in bitcoin worth up to £475,000 to restore access.
How Can You Protect Your Business?
To avoid being held hostage by hackers, businesses need to do more to protect their businesses from cybersecurity threats such as ransomware. The best approach is a healthy mix of prevention through robust cybersecurity and ongoing vigilance from staff awareness training.
Robust Cyber Security
Cybercriminals are always looking to stay one step ahead of businesses by discovering vulnerabilities in security and systems. It is vital to install robust security measures and develop information security policies that will help to protect your business from known and newly discovered vulnerabilities.
Human error is becoming an increasingly common theme when it comes to falling for ransomware attacks. Whether it is from opening unsafe email attachments to visiting compromised sites and downloading unsafe files, employees are often inadvertently responsible for creating access points to systems that cybercriminals can exploit.
Businesses can combat this risk by educating staff and making cybersecurity awareness a part of the business culture, ensuring employees are aware of the cyber threats they could face and that they know what risks to look out for.
How Can We Help?
At DeltaNet International, we are certainly firm believers of prevention is better than cure. Which is why we are advocates for awareness training aimed at reducing the impact of a ransomware attack. Our immersive eLearning courses on cybersecurity ensure that learners gain a thorough understanding of the range of cyber threats facing them. From comprehensive courses on Data Protection and Information Security to multiple bitesize micro-learning modules covering cybersecurity issues including phishing, password setting and social engineering.