Crypto-ransomware (or cryptors) is a type of malicious software that accesses files and systems and then denies users’ access to them. The malware then encrypts the files, with cyber criminals demanding payment for owners to gain access again through the release of a decryption key, hence the name ransomware.
RELATED RESOURCE
The business guide to ransomware
Everything you need to know to keep your company afloat
Average users can be expected to pay anything between £350 - £750 to have their data decrypted, but cyber criminals are well aware of how valuable data is to larger organisations, who can face demands in the hundreds of thousands of pounds. However, if a ransom isn’t paid, the fee can increase to staggering amounts before the decryption key is deleted and the data is lost for good. Even when ransoms are paid, there is never a guarantee that the data is safe.
Although larger organisations are impacted, smaller businesses are the ones that make easier targets as they may not have invested in the cyber security that could protect them in the first place. In particular, small professional and financial services are considered to be most attractive to ransomware.
According to a report by Serbus, the UK was the second country in the world affected by ransomware attacks, which have increased significantly since 2019, estimated to equal a staggering financial loss of £140m globally in 2021.
"Some ransom demands have grown to the six- and seven-figure range," said Michael Tanenbaum, Head of Chubb Cyber North America. "It is critical for businesses to understand the increased sophistication of ransomware, what procedures and systems need to be in place to mitigate the risk, and what solutions they need to protect themselves should they experience an attack."
A temporary loss of data can disrupt business-critical processes and could lead to lost sales, reduced productivity and significant costs for system recovery. However, the permanent loss of data can have much more severe consequences, from damaging the company's competitive position to preventing access to intellectual property and design data.
Best ransomware removal tools How to beat ransomware Ransomware gang offers to refund victims' payments
In common with most other types of malware, there are many ways in which a cryptor can find its way onto business computers and other devices. Here are some easy-to-apply rules to help keep your data - and your business operations - safe.
Educate users:
People are often the most vulnerable element in any business. Teach employees about IT security basics, including raising awareness of phishing and spear-phishing attacks. Emphasise the security implications of opening suspicious-looking email attachments, even if it appears to be from a trusted source.
Security awareness training programmes can be a good way of ensuring employees are aware of the latest threats, and to keep security front of mind for staff.
Regularly back up data:
The best way to keep business data safe is by backing up systems regularly. With a good backup system, a ransomware attack won't have a catastrophic effect on business continuity.
Almost all businesses will already have data back up policies. However, it's also essential to back up data onto an offline backup system, rather than just copying files to another live' system on a corporate network. Establishing a backup and disconnect' policy will help keep backup files safe from cryptors.
Protect all devices and systems:
Cryptors don't just attack PCs. Business security software must also be able to protect Mac computers, virtual machines and mobile devices. It is also worth ensuring there is sufficient protection installed on the organisation's email system.
But as well as protecting devices and internal systems, it's also important to make sure that third-party applications are updated as well. Hackers can easily leverage a vulnerability in a popular application to breach your network and start infiltrating other systems.
Deploy and maintain security software:
As with all malware prevention, updating and patching early and often is a valuable policy to follow. Updating all applications and operating systems will allow the elimination of newly discovered vulnerabilities, and ensuring security applications and anti-malware databases are up-to-date will enable the business to benefit from the latest protection.
-
OpenAI says future models could have a ‘high’ security riskNews The ChatGPT maker wants to keep defenders ahead of attackers when it comes to AI security tools
-
Why Dell PowerEdge is the right fit for any data center needAs demand rises for RAG, HPC, and analytics, Dell PowerEdge servers provide the broadest, most powerful options for the enterprise
-
15-year-old revealed as key player in Scattered LAPSUS$ HuntersNews 'Rey' says he's trying to leave Scattered LAPSUS$ Hunters and is prepared to cooperate with law enforcement
-
The Scattered Lapsus$ Hunters group is targeting Zendesk customers – here’s what you need to knowNews The group appears to be infecting support and help-desk personnel with remote access trojans and other forms of malware
-
Impact of Asahi cyber attack laid bare as company confirms 1.5 million customers exposedNews No ransom has been paid, said president and group CEO Atsushi Katsuki, and the company is restoring its systems
-
The US, UK, and Australia just imposed sanctions on a Russian cyber crime group – 'we are exposing their dark networks and going after those responsible'News Media Land offers 'bulletproof' hosting services used for ransomware and DDoS attacks around the world
-
A notorious ransomware group is spreading fake Microsoft Teams ads to snare victimsNews The Rhysida ransomware group is leveraging Trusted Signing from Microsoft to lend plausibility to its activities
-
Volkswagen confirms security ‘incident’ amid ransomware breach claimsNews Volkswagen has confirmed a security "incident" has occurred, but insists no IT systems have been compromised.
-
The number of ransomware groups rockets as new, smaller players emergeNews The good news is that the number of victims remains steady
-
Teens arrested over nursery chain Kido hacknews The ransom attack caused widespread shock when the hackers published children's personal data
