Ransomware Explained

4 Essentials for Protecting Against Ransomware

Knowing how a ransomware attack works can be the difference between the organisation falling victim to an attack, and detecting and acting on suspicious activity before attacks happen.

Ransomware is a devious type of software designed to extort money from the user by encrypting data, thus making it inaccessible, and demanding payment for the ‘service’ of decryption.

As a prevalent form of cyber threat, ransomware can completely impede an organisation from operating, for example, in the case of the recent Travelex attack which left the company unable to properly function for weeks.

To learn more about how a ransomware attack works, read on.

Attack on your Information

With many ransomware attacks originating from phishing, users frequently infect computers through the opening of an attachment or through following a deceptive link.

How a ransomware attack works, is once downloaded, the malware will quickly lock away your data behind a paywall, demanding potentially extremely large sums of money in exchange for the possibility of returning access to your data.

As with many cybercrime related exchanges, the ransom is to be paid in a difficult to trace cryptocurrency. This digital currency is purchased by the user, then transferred to the hacker’s ‘wallet’ – an anonymously controlled, online account.

Even if a ransom is not payed, ransomware can be extremely costly to deal with. It is estimated that the WannaCry virus cost the UK’s NHS around £92 million in direct expense and lost output, as well as endangering patients’ lives in the process.

Big Costs and Ransom Payment

Unsurprisingly, even payment does not guarantee decryption and the UK’s Action Fraud recommends non-payment. Research also suggests that organisations that choose to pay a ransom, on average end up spending twice as much in recovery costs, as organisations that do.

Once a system is infected and data has been encrypted, an affected organisation will likely be facing significant costs in recovery; although by taking the proper precautions to protect against a ransomware attack, an organisation may avoid any loss at all.

4 Ways of Protecting your Organisation from a Ransomware Attack

Avoidance

Knowing how a ransomware attack works is crucial for the detection of potential issues before they occur. The first line of defence against any kind of cyber attack is avoidance, and there a plenty of ways to initially protect yourself and minimise the likelihood of being the victim of a data ransom attack.

A strong anti-virus software is an essential. Many computers will come with this kind of software already installed, though it is worth taking the time to check just how protected you are.

There is plenty of free anti-virus software out there, however for organisations, this kind of protection likely is not enough and if you are dealing with large quantities of sensitive information, upon which your organisation relies, a more robust solution is recommended.

We must also consider the origin of these attacks. As previously noted, nearly all ransomware infiltrates a system via email phishing. As an individual, or as a member of an organisation, you must remain vigilant to the threat that a simple attachment can pose.

To find out more about spotting phishing attacks check out our blog: 4 Ways of Recognising Phishing Attacks.

Backing Up

Ransomware relies on two fundamental assumptions. Firstly, that the software will infect someone’s computer, and secondly that the data being held to ransom is only accessible via the infected device.

Should the data be adequately backed up, an organisation can perform a system restore. Essentially allowing an organisation to negate the loss of accessibility caused by the ransomware attack and avoid unnecessary loss in output, or incurred costs.

Most computers and devices offer the option of cloud-based backups as well as system restore points. Each of these practices offers a partial solution to the potential problem of ransomware.

Updates

One of the major reasons the NHS was susceptible to the WannaCry ransomware attack, was that many of the computers being used were running out-of-date operating systems. These weaker systems were not protected in the same way as a current OS, and therefore the door was left open to cyber criminals.

As with operating systems, we must also ensure that the software (especially the anti-virus) we are using is the very latest. New vulnerabilities are discovered every day and developers work hard to ensure these issues are patched and fixed, although if we’re not making these updates, we leave ourselves susceptible to attack.

Information Security Awareness Training

Ransomware, like many forms of information security attacks, relies on a human element for success. As noted, phishing is invariably involved in all kinds of compromises, and though there are plenty of technological solutions that will help protect your information, this alone will be ignoring an important factor.

By educating your staff regularly with interactive and knowledge-demonstrating tutorials, you do not just help to improve compliance, but also reliably reduce the risks of human errors and improve the standards of awareness.

Comprehensive information security awareness training should inform and educate staff about their role in front-line defence against security threats. Alongside regular back-ups, frequent updates and basic avoidance techniques, effective information security awareness training offers you and your organisation the best protection against ransomware and similar threats.

Hut Six Information Security Awareness Training

Featuring twenty-six comprehensive tutorials covering all aspects of information and cyber security, Hut Six’s training is focused on demonstrating learning outcomes. With Hut Six’s learning management system (LMS), employers can assess and track the achievements of staff and better understand areas for improvement. 

Hut Six’s comprehensive solution builds a security aware culture by focusing on achieving meaningful behavioural change. With engaging training, your organisation’s defences are strengthened against malicious actors, reputational damage and potential fines and losses, whilst satisfying compliance obligations.