Computer hackers are an industrious bunch. The cyber-attacks they stage are constantly changing, and are a rapidly-growing security threat to businesses of all sizes. Aside from regulatory and economic risks, ransomware attacks are probably the most frustrating and frightening attacks companies currently face as they can affect everyone with a computer or smart-phone.
Ransomware - a malicious software that can be sent via email and locks up a company's valuable data until a sum of money is paid - has the potential to cripple an organisation with very little warning. An entire IT network can be infected and frozen simply by an unsuspecting employee downloading an affected file or clicking on a suspicious email link, creating a connection point for cybercriminals to access company network drives in a matter of minutes.
What happens next is more alarming. Through these connection points, computer hackers can target data that is critical to the organisation, encrypt it, and extort it for money. Forced to pay the ransom fee, the victim firm is then reliant on the hacker providing the encryption key to unlock and retrieve the information. Payment is typically demanded in Bitcoins to anonymise transactions, preventing the perpetrators from be tracked.
To give a sense of scale to the cybercrime, 47% of NHS Trusts, 51 police forces, multiple businesses and six-in-ten universities in England have been successfully targeted by ransomware in the past year.
Dangers of surrendering to ransomware
Companies usually have two options when faced with a ransomware attack: pay up, or shut down their systems.
Most organisations opt to pay the ransom in the hope that the cyber criminals will deliver the encryption key to release the data, which is why more businesses are stockpiling Bitcoins. Others try to dismantle their networks in the hope that they can neutralise the virus before it spreads to other parts of the organisation.
However, neither approach is a guaranteed fail-safe. A recent study showed that two-thirds of companies falling victim to an attack have surrendered and paid up. But paying the ransom only leaves companies vulnerable to future attacks and perpetuates the threat cycle. And disconnecting enterprise systems creates downtime and disruption costing businesses far more than the price of the ransom.
How to combat ransomware attacks
Ransomware is just one example of advanced persistent cyber-threat that firms face. Rather than waiting for an attack, companies should take these four steps to reduce the threat ransomware poses to firms.
- Support the front-line defence. Raise employee awareness to minimise cyberthreats, especially those threats that require user action, like clicking on a bad link or downloading an infected file, to be activated. Train employees on cybersecurity practices to guard the organisation. Show them what to look out for and run mock phishing exercises, and provide a mechanism for reporting suspicious activity.
Given their potential profitability, ransomware attacks will only increase in volume and complexity. Whilst no company can be guaranteed a safe path against ransomware, companies can implement a strong deterrence policy to avoid being held to ransom.