National publicity for council ransomware attack
In January it was nationally reported that Lincolnshire County Council (LCC) had fallen victim to a ransomware attack which rendered it unable to access systems and data for a week. Across the authority, as many as 5,000 staff had to revert to manual processes using pen and paper.
The cybercriminals had performed data ‘kidnapping’ by infecting LCC systems and encrypting the data. The data remained on the organisation’s infrastructure but was rendered inaccessible. The ransom demand for its safe release by providing the decryption key was set at the princely sum of $500 (£350).
On a matter of principle, LCC displayed great resolve in refusing to pay. Many private and public organisations faced with paying a few hundred pounds or having 5,000 people struggling to work and a PR disaster followed by some very awkward questions might have made a different decision.
Undoubtedly LCC was only able to refuse to pay because it had adequate data backups to enable it to restore systems. Many business and organisations may not be able to enjoy the same confidence if they were put in a similar situation.
BBC, Europol and the FBI
Late last month saw more press about ransomware in national as well as technology sector news. The BBC reported that Europol, the European police agency has intervened to try and show what is described as an "exponential" rise in ransomware. The No More Ransom website is a joint initiative with Dutch police and cybersecurity firms. The website connects victims and police, provides advice and helps with data recovery.
UK IT industry website CRN (Channel Reseller News) featured an article by IT security company LogRhythm saying ransomware cyber criminals are now targeting organisations with deeper pockets from which to pay bigger ransom demands. The strategy of demanding small sums from as many victims as possible is moving to one of demanding larger sums from fewer. Financial and professional services or creative and management practices and consultancies are often seen as cash-rich.
Figures from the FBI support the idea that ransomware is an increasing global threat. It puts the figure extorted in Q1/2016 at $209 million and estimates $1bn will be paid out as a result of ransomware demands by the end of the year.
What can your business do about the increasing ransomware threat?
In devising a strategy to defeat the ransomware cyber criminals, there are three key elements:
Preparedness
- Ensure you have the critical IT security policies, procedures and layered security in place, including anti-virus/malware; patching and updating; email scanning; complete backups to support DR and BC plans.
Common sense
- Promote a common-sense culture amongst employees when it comes to email attachments’ internet browsing and ensure policies governing data transfer via smartphones, USB drives, and external disks, or cloud convenience data sharing sites like Dropbox.
Resolution
- If attacked and you have the necessary backups and levels of preparation, then you are in the position to demonstrate the same level of resolution as LCC and can be safe in the knowledge that you don’t have to pay a ransomware demand.
Beat ransomware cybercrime with help and advice from HTL
HTL Support helps growing companies of 10 - 100 people to be better prepared and design and implement policies to avoid becoming victims of a ransomware attack in the first place.
Unfortunately, no amount of preparation may be able to defend a ‘zero-day’ attack – a brand new previously unseen threat. However, with the right backup, DR and BC in place, HTL puts businesses in a position to remain resolute and to be able to refuse to give in to ransomware demands.
To find out more about how growing companies enjoy better security that helps defeat cybercriminal activity with HTL Support, simply get in touch today.
You can click here to look at the No More Ransom website
Click to see ‘Ransomware advice service to tackle extortion gangs’ at bbc.co.uk