Don’t Fall Victim to the Ransomware Threat

NICK CLAXSON

Ransomware has emerged as a major threat to UK businesses, and a lucrative opportunity for cybercriminals.  But what is it and how can you ensure you don’t become a victim?ransomwarethreat

Ransomware is a type of malware that infects systems and encrypts the data it finds there.  When the malware is run, it locks victim’s files and allows criminals to demand payment to release them.

In other words, it holds your data to ransom.  Watch this 1-minute video explainer  to learn more.

Ransomware – by the numbers

Ransomware is a hot topic in the news these days as organisations of all types and sizes have been impacted, but small businesses can be particularly vulnerable to attacks.  In a recent survey of over 1,000 service providers conducted by backup specialist Datto, 91% reported recent ransomware attacks against small business clients.

Other ransomware facts:

  • 93% of ransomware victims had anti-virus installed, but it couldn’t stop the infection
  • Less than 1 in 4 ransomware attacks are reported the authorities
  • The three most targeted industry sectors are professional services firms, healthcare organisations and construction companies
  • The typical sum demanded to unlock ransomed data is around £350, but there are many documented cases of sums over £10,000
  • In the US, the FBI recently reported that ransomware victims paid out $209m in the first quarter of 2016, compared to just $24m for the whole of 2015
  • In a study conducted by security software vendor McAfee Labs earlier this year, researchers found ransomware samples had grown 26%
  • 31% of IT service providers surveyed by Datto reported customers being hit by different kinds of ransomware multiple times on the same day

Download the Datto Infographic  for more statistical insights about ransomware.

How ransomware spreadsransomwarecash

Spam is the most common method for distributing ransomware when victims are tricked into downloading an attachment or clicking a link.  Once that happens, the malware installs itself onto the system and starts encrypting files.

The other main method for spreading ransomware is a so-called ‘exploit kit’.  These software packages are developed and shared among cybercriminals and are designed to identify system vulnerabilities and exploit them to install ransomware.  With this form of attack, hackers install code on a real website that redirects computer users to a malicious site.  This ‘drive-by-download’ approach typically requires no action from the victim in order to be successful.

Common types of ransomware are: CryptoLocker (the most notorious), CryptoWall, CTB-Locker

Locky, TeslaCrypt, TorrentLocker and KeRanger.  Download the Business Guide to Ransomware PDF here.

Follow these three steps to protect your business against ransomware attacks

STEP 1: REVIEW YOUR DATA BACKUP SOLUTION

Modern, total data protection solutions, like Datto, take frequent, incremental backups every few minutes.  This means that, if your business suffers a ransomware attack, you can easily roll-back your data to the moment just before the attack occurred. With this approach, you can be certain that your data and systems are clean and the malware can’t be triggered again.Datto_Elite

Another new backup approach is ‘instant virtualisation’; otherwise known as ‘recovery-in-place’ or ‘instant recovery’.  This is based on running applications from image-based backups of virtual machines.  It’s useful for recovering from ransomware attacks too, because it allows you to continue operations while your primary systems are being restored – with little or no downtime.

STEP 2: EDUCATE YOUR STAFF

Every one of your business users needs to understand what ransomware is and the threat it poses.  Find examples of infected ransomware spam emails, along with clear instructions on what to do if they encounter one.

It’s really important to do this regularly, as new ransomware techniques are emerging all the time.  Make it part of new staff induction too.  Education is crucial, but counts for nothing if you don’t have the proper data backup systems in place.

STEP 3: RUN RANSOMWARE-AWARE SECURITY

Up-to-date, regularly patched antivirus software is essential for any business.  If you don’t keep it updated, it becomes far less effective to new ransomware strains.  Look for antivirus products with ransomware-specific functionality.  These can potentially help to detect and block attacks, and alert users about new threats.  However, even the best security can be breached, which is which good data backup processes are a vital second line of defence.

Avoiding a ransomware attack will always be very difficult, but recovering from one can be considerably easier with an effective backup solution.  Just make sure you don’t bury your head in the sand.

By keeping a near-constant record of all your data assets – instead of weekly or even daily backups – you can stick two fingers up to anyone who demands a ransom.

Comtec is a Datto Elite Partner.  Please contact us  to discuss your requirements.