Ransomware is hardly a new weapon in the cybercriminals’ arsenal: with 48 per cent of UK organisations reporting an attack in the last year, ransomware is one of the most serious threats that businesses face. But ransomware itself is evolving, and companies and governments are having to work hard to keep up.
How Is Ransomware Changing?
In a classic ransomware attack, data is seized from a personal computer and encrypted, and often the operating system itself is locked out. A ‘ransom’ is then demanded to release it, usually paid in a cryptocurrency, by means of a decryption key, until which time the victim will be prevented from accessing their computer systems and files. This can be catastrophic for a business or public body that relies on their data; in 2017, the NHS was famously hit by a ransomware attack, leading to thousands of cancelled appointments and operations in more than 60 NHS Trusts.
At a recent workshop in The Hague, Netherlands, US and European law enforcement agencies convened to discuss the latest threats posed by ransomware operators. Increasingly, cybercriminals are sidestepping the encryption stage of their plots and resorting to data theft and extortion. Malicious actors will now steal an organisation’s data and threaten to leak it if a ransom is not paid.
The Consequences Of A Data Breach
A data breach is not to be regarded lightly. In the UK, several sanctions may be imposed by the Information Commissioner’s Office (ICO) if sensitive customer or employee data is leaked, including:
- Formal warnings and reprimands.
- A ban, either temporary or permanent, on data processing.
- An order to rectify, restrict, or erase data.
- Suspension of data transfers to other countries.
- A fine of up to £17.5m or 4 per cent of annual global turnover.
Damage to a business’s reputation can be almost as damaging and difficult to recover from - especially if it is found that preventive measures could have prevented the ransomware attack. Worryingly, 60 per cent of SMEs collapse within six months of a high profile data breach, largely because of plummeting customer confidence.
Same Entry Point, Different Visitors
Despite cybercriminals devising new ways to try to extract cash from their victims, most attacks still target the same system vulnerabilities as in the past. Criminals seek low investment, high reward opportunities to earn a profit, so exploiting known loopholes is still the most cost-effective and easiest approach.
At TMB, we can support your organisation to develop a robust and effective cybersecurity strategy that will repel criminals’ efforts to steal data from your system. We can help you to:
- Backup your critical data so that you can access it should the worst-case scenario occur.
- Formulate an incident response plan so that your staff are prepared for a ransomware attack.
- Automatically update security patches to eradicate the software vulnerabilities that criminals aim to exploit.
- Review and, if necessary, close Remote Desktop Protocol port 3389 and Server Message Block port 445 which are often used as entry points for ransomware.
- Train your team thoroughly in all aspects of cybersecurity to reduce the chance of an accidental data leak or security breach.
Contact TMB To Find Out More
To find out more about our cybersecurity services, please book a call with one of our IT specialists.
Image source: Canva