Ransomware is a growing concern for many large business. We’ve all seen news stories where large business have been frozen out of their data because someone’s holding it hostage.
Although there are different strains of ransomware they all work on the same principle. A malicious person accessed your data, encrypts it and then refuses to decrypt it until you’ve paid a ransom. Sometimes they honour this and sometimes they don’t.
A real world example would be if you biked into town and locked your bike to a lamppost. Imagine someone else coming along and putting their own lock on it too. When you return they say they will only remove their lock if you pay them.
Technical they’ve not taken your bike, and your bike is still there but you only have access to it through them.
Ransomware currently aims for big business. The bigger the business, the more money; the more money, the more likely they are to pay the ransom. However, that’s likely to change as bigger business start to protect themselves more against malware and ransomware attacks. Ransomware will move towards small to medium sized business with far less cyber security infrastructure.
WannaCry is probably the most famous example which hit the NHS but also a lot of other less known organisations. Once inside the network it propagated to every single machine on the network. Those with the latest Windows 7 updates were spared but those behind got infected. Additionally, lots of the NHS IT Infrastructure was taken out of action as a precautionary measure.
Eventually a freelance information security analyst analysing the virus was able to disable the virus by triggering a deliberate failsafe in the virus which stopped it from continuing further.
Just don’t click on dodgy links, right? Wrong!
Ransomware is now so sophisticated that once in your network or organisation you don’t need to do anything to trigger it. It will spread on it’s own. It’s also only a matter of time before ransomware can jump from network to network without anything actively doing anything.
Outside of normal cyber hygiene such as regularly changing passwords and good password management, blocking spam emails, turning your network and machine off when you’re not using them, there’s actually very little you can do to stop ransomware. It’s almost inevitable.
But all is not lost, whilst it’s hard to prevent it’s a very treatable virus.
Restore from your backup. If the nature of this attack is that they’ve got your data hostage on your machine; restore the data from somewhere else.
A few rules for engagement on this though:
The best antidote to ransomware is to make sure you have a copy of everything you do something else. This will change ransomware from a totally disaster to an inconvenience.
If you enjoyed this briefing paper, check out our other digital resources which cover a wide range of topics, including quantum computing, social media, and 3D printing.
The Lancashire Cyber Foundry runs a series of business strategy and cyber workshops specifically designed for SMEs in Lancashire. We’re passionate about seeing Lancashire business become more cyber-aware and innovative and so offer funded places for companies to come and learn how to defend, innovate and grow their business. Additionally, we have an experienced technical team ready to help you with your business innovation ideas, particularly around cyber and digital innovation.
To find out more about how your business can access support or register on one of upcoming workshops, contact us:
Before starting at Lancaster University over four years ago, Geraint had worked in software development roles in IBM and the Civil Service. In addition to being a qualified teacher, Geraint has worked freelance with a varied client base as a software developer and graphic designer.
Get the latest updates on news and events from the Lancashire Cyber Foundry team.