responsible for nearly half of UK cyber security breaches 2015
After another high profile ransomware case (BBC News article – Lincolnshire council Ransomware) I felt it was time to hit home about how prevalent and dangerous this type of malware is.
UK business reported last year that almost half of cyber breaches were due to ransomware. This information comes from the IT security reseller Foursys. They polled 400 UK IT managers and found nearly two thirds of these expected security to be a much higher priority coming into 2016. Of those polled 15% reported a breach and 44% of these were due to ransomware. 21% of these resulted in significant disruption or loss of data as a result.
So what is Ransomware?
Ransomware is a type of malware that prevents or limits users from accessing their system or systems. Ransomware forces its victims to pay a ransom through certain online payment methods in order to regain access to their systems, or to get their data back. Often this is done using the almost untraceable currency Bitcoin. This makes monetisation of malware much easier as it carries less risk to the hackers. Some famous examples of ransomware encrypt files using some very sophisticated technology (such as Cryptolocker ).
Ransoms vary depending on the variant infecting you and the criminal behind it. However these ransoms are typically ranging from £20 -£500. Importantly though we must be aware that paying this ransom does not guarantee access to your system.
The example in the report above demands payment within a set time frame, a timeframe far too short to successfully decrypt the data. This creates the atmosphere of fear which has turned ransomware into a multimillion pound business per year as lots of people DO pay the ransom.
How does Ransomware get onto my system?
The same way as many other typed of malware. Users can download ransomware by visiting compromised websites (this happens often via the use of phishing scams!). Ransomware can be part of a chain of malware so it can be downloaded by other malicious programs. Another incredibly popular way of distributing Ransomware is as an attachment on an email. Commonly seen on phishing emails masquerading as perhaps an invoice. We also have a blog post about a telephone call received by a client who then allowed somebody to install ransomware. So Ransomware and social engineering are used hand in hand quite often, therefore ensure you and your business are aware of the dangers and how to spot something like this happening.
This is the key part of this post. How do we prevent our businesses or home systems from falling victim to this particularly nasty threat? Ensure you keep your systems up to date, ensure your firewalls and software is configured correctly. Ensure your network is tested frequently to prevent hackers exploiting your network and installing ransomware. Finally and possibly as importantly as all of the others, ensure you and your staff are aware to the dangers of phishing and scams that can lead to ransomware or malware being installed.