Ransomware has become the most talked-about security threat following the ‘WannaCry’ cyber attack, which hit the NHS, Spain’s Telefónica, FedEx and Deutsche Bahn, along with many other companies worldwide, last month (May 2017) and caused chaos. With thousands of posts being published, you probably just don’t have the time to read them all, so we’ve decided to help you out and squeeze all the important bits and facts into this one useful infographic.
Your business’s guide to RANSOMWARE
What is Ransomware?
Ransomware is becoming more and more of a major threat to businesses, and it is impacting all types and sizes. Ransomware is a type of malicious software designed to block access to your files, data or computer until a sum of money is paid. It is distributed in a variety of ways and is difficult to protect against as it’s constantly evolving.
Common types of Ransomware
- Scareware – A form of malware that poses as a security program, creating popups that warn you threats have been discovered on your PC to lure you into paying money in exchange for solving the imaginary threats.
- Screen Lockers – This is a non-encrypting ransomware. It does not affect your data, but locks you out of your PC entirely by displaying a message that takes up the whole screen and demands that you pay the ransom.
- Encrypting – This is the most harmful and puts your whole company at risk. Files on your computer and server are encrypted, and a payment must be made by a deadline to decrypt them or they will be destroyed.
How do you get infected?
Ransomware is spread through malicious email attachments & links, compromised websites, infected programs, infected removable drives (USBs) and social media.
Did you know that in a recent survey 54% of UK businesses had experienced a Ransomware attack?
The cost of Ransomware…
- 60% of UK businesses lost revenue as a result of ransomware.
- 40% of UK businesses had ransom demands in excess of £3,500.
- 71% of UK businesses took more than 9 hours to rectify the impact of ransomware.
- 32% of UK businesses lost their files after refusing to pay the ransom.
How Ransomware works…
- Alex receives a strange email that grabs his attention. Intrigued, he opens it.
- Immediately Ransomware takes over Alex’s computer and encrypts every file.
- Locked out of his computer, Alex is faced with a ransom screen to get his files back.
- Before he knows it, Ransomware has spread across the entire company network!
- Alex is unable to work for 2 days while IT Support recover the network and data.
- A stressed Alex works late to catch up on missed deadlines – don’t let this be you!
Should I pay the ransom?
The National Crime Agency encourages businesses not to pay the ransom. If you do:
- There is no guarantee that you will get access to your data.
- You will be paying criminal groups.
- Your computer will still be infected unless you complete extensive clean-up activities.
Did you know that a survey found last year Ransomware attacks on businesses around the world rose by 50%?
Protect your business against Ransomware
A ransomware protection strategy requires a three-way approach – education, security, backup
Education
User education is a powerful way to protect your business. It is critical your team understands ransomware and the threats it poses. Make sure they are able to recognise suspicious websites and emails and that, if they come across a potential threat, they know what to do.
Security
Antivirus is key and you should ensure it is always up to date in order to protect you from newly identified threats; some products offer ransomware-specific functionality. Minimise vulnerabilities in your system by keeping all business applications patched and updated.
Backup
It’s essential your business has a robust incremental backup strategy in place. If you suffer a ransomware attack, this will allow you to roll back your data to a point in time before it happened and you will not need to pay the ransom. It is also a good idea to keep several copies – offsite & cloud.