The recent ransomware attack affecting numerous organisations, including the NHS, highlights the impact that cyber-crime can have. As such, it’s more important than ever to be vigilant and resilient. Here are our top tips for protecting your business:
What is ransomware?
Ransomware works either by encrypting the files on a computer / network or by locking a user’s screen. The user is then required to pay a ‘ransom’ to be able to use the computer normally again. In many cases, the ransom amount is quite modest. This is designed to make paying the ransom the quickest and cheapest way to return to normal use. However, there is no guarantee that the key or password (to ‘unlock’ the computer) will be provided after the ransom is paid.
The scale and automated nature of a ransomware attack make it profitable through economies of scale, rather than through extorting large amounts from targeted victims. In some cases, ransomware has been known to strike the same victim more than once in succession. Attacks are not normally targeted at specific individuals or systems, so infections can occur in any sector or organisation.
How is ransomware spread?
Computers are infected with ransomware via a number of routes. Sometimes users are tricked into running legitimate-looking programs, which contain the ransomware. These may arrive via authentic-looking email attachments or links to apparently genuine websites (otherwise known as phishing).
At a glance, these emails can appear genuine, but common indicators to watch out for are language that the sender wouldn’t normally use, spelling and grammar issues, requests for money transfers and unusual email signatures. If you do receive any suspicious emails, it is essential that you do not reply to the sender or ‘click’ on the link. Instead, simply delete the email. You can always contact the sender by other means if you’re not sure.
More recent infections have relied on unpatched vulnerabilities in computers, so simply visiting a malicious website can be enough to cause a problem. Finally, and less commonly, data transfers between computers (such as via USB memory sticks) can also cause ransomware to spread.
How can I protect against ransomware?
Home users and small businesses can take the following steps to protect themselves:
- Run Windows Update to ensure your security software patches are up to date
- Make sure your antivirus product is up to date and run a scan – if you don’t have one then install one of the free trial versions from a reputable vendor
- If you have not done so before, this is a good time to think about backing important data up – you can’t be held to ransom if you’ve got the data somewhere else
For system administrators, more detailed guidance is available from the National Cyber Security Centre (NCSC) – https://www.ncsc.gov.uk/guidance/ransomware-latest-ncsc-guidance.
NCSC offers advice and guidance around all aspects of cyber security for individuals and businesses. To find out more about their work and how to protect your business, go to https://www.ncsc.gov.uk/.