The Risk of of Ransomeware
The BBC reported recently an Alarming' rise in ransomware, with more than 120 separate
families of ransomware in circulation.
Other researchers have seen a
3,500% increase in the criminal use of net infrastructure that helps run
ransomware campaigns.
"Ransomware and crypto
malware are rising at an alarming rate and show no signs of stopping,"
said Raj Samani, European technology head for Intel Security. Ransomware
samples seen by his company had risen by more than a quarter in the first three
months of 2016, he added.
What is ransomware and why should you care?
Ransomware is a type of malware
developed to block access to files and directories, typically using encryption
until a fee is paid. The impact can be serious and even paying the demand is no
guarantee of recovery of the data. The opportunity to extort money is driving
the growth in ransomware software development and in turn increasing the risks
to computer users.
Ransomware is typically delivered
via email. Many of us think we can spot non-legitimate emails from poor English
or unusual requests, but the latest spear-phishing techniques use highly
targeted emails, producing professional looking results. In fact these emails are so convincing, that
when compared with a typical marketing email campaign which might result in 1
in 4 of emails being opened, and 3.5% click through, spear-phishing can achieve
a 3 in 4 open rate and a further 50% click through!
Read and click through rates are
so high because these email contain
specific personal or business details which create an image of authenticity,
details typically captured from social media sources and background research by
the attackers. The emails have sufficient information to make people believe
they are credible.
Worryingly, Spear-phishing is
typically the first phase of a sophisticated multi-phase attack on an
organisation.
So what to do to protect your business?
Awareness training is crucial for everyone receiving email in your
company:
- Up to date security and antivirus are critical
but even then new, so called Zero Day exploits could get through
- Make sure everyone is aware of the risk
- Messages that originate from outside of the
organisation (social media or email) asking for confidential data should
be carefully considered before responding
- It is also possible to receive emails which
look to be from colleagues within the organisation, for example Managing
Director to Finance Director requesting money be paid to a previously
unused account. By digitally
signing emails within the organisation it is possible to quickly identify
if an email is actually from the email address that it claims to be.
- If you receive unsolicited communications from a contact or organisation do not click on any links and check the details carefully
- hovering your mouse over a hyperlink will show
the website url - does it look credible?
If anything looks off, ask
someone from your IT department to take a look. There is no such thing as being
over cautious!
Be Prepared for the worst
Ensure, before a potential the
event, that your critical data is safe, and your business critical applications
can be quickly recovered and restored.
Many organisations will maintain years of data of their servers, and
either not back this up, or if they do, only retain the backup for a few
days. If infected with ransomware,
documents and other data could be encrypted over a period of days or even
weeks. It can be a while before anyone
notices that this has occurred, particularly if only data that is more than a
couple of weeks old is encrypted first.
This means that even if organisations maintain backups for say 2 weeks,
it can be longer than that before an issue is identified and then it may not be
possible to restore the data from backup as this has also been encrypted by
criminals.
Even organisations with a high
level of vigilance can get caught out, however – it only takes one mistake! To
ensure you are not literally held to ransom over your vital data, organisations
need access to readily available copies of the data and applications that
comprise their entire IT system, and this is provided by a new service called
SystemFlip.
SystemFlip is a unique service
that continuously backs-up your IT systems and data both locally and in the
cloud retaining data for up to 7 years and making it available for restore or
failover in seconds. With SystemFlip, the organisation can continue its
operations without any interruption. To find out how your business could
benefit from SystemFlip please contact us on 01225 808065 or visit us at www.systemflip.com
www.systemflip.com SystemFlip Continuous Recovery is for Organisations that cannot afford to be
without their IT Systems.