So you got ransomware, what to do next
28 June 2017 |
News of ransomware attacks have been quite common over the past few years. Yet, a growing number of small, medium and large businesses continue to fall victim to fresh attacks and malware injections.
If your organisation hasn't been too serious about ransomware attacks so far, the WannaCry and Petya ransomware attacks should serve as powerful wake-up calls to end the perennial slumber for good.
It could be argued that lack of skilled cyber security talent in the country and lack of funds are seriously impeding cyber-warfare capabilities of British enterprises. It is also true that no matter how strong an organisation's cyber security practices are, nothing can stop a ransomware intrusion that is facilitated by errors in judgment or simple day-to-day human errors.
However, a lot of progress can be made if organisations give ransomware attacks as much attention as they deserve. Research by Citrix revealed that last year, 20 percent of medium to large UK businesses had no plans on how to deal with potential ransomware attacks, 33 percent of firms were building a stockpile of digital currency to pay ransom and 35 percent of large firms were inclined to pay more than £50,000 to regain access to important intellectual property or critical data.
Had organisations spent such money on raising cyber-awareness among employees, hiring the best cyber security talent, and inculcating cyber-hygiene within their premises, the outcome of last night's Petya ransomware attacks could have been different. That being said, it is never too late for organisations to gear up and take steps to ensure they don't fall victim to future malware attacks.
What you must do to prevent future ransomware attacks
The first and the most important thing to do is to avoid paying the ransom that cyber-criminals demand from you. This is because there is no guarantee that you will get your data back even after paying the ransom.
You must also take steps to ensure that if a computer is infected, the ransomware doesn't spread its tentacles to other systems that are part of the same network. Disconnecting them or switching them off will be the ideal thing to do.
At the same time, you must inform relevant authorities as well as affected customers of the ransomware attack at the earliest. Informing employees and educating them about what to do next will also go a long way in curbing the spread of the malware.
According to David Matthews, Director for EMEA Security Industry at Unisys, the large impact on industries and critical infrastructure caused by the Petya ransomware has made it clear that in order to prevent future attacks, organisations need to take a number of measures immediately and decisively.
These measures include keeping sufficient data backup to continue operations in the event of a malware attack, patching software with the latest security updates, using effective security controls, updating antivirus signatures, using leading antivirus services, and adopting micro-segmentation to stop threats spreading across systems.
"This recent [Petya] attack proves that no organisation is immune to cyber-attacks, and further outlines the need for organisations to adopt defence and in-depth policies that allow breach detection and action to take place much quicker, protecting both sensitive data and business reputation,” he added.
Another great way for your organisation to prepare against future cyber attacks is to join the UK government's 'Cyber Essentials' accreditation programme for enterprises. Unless your organisation joins the programme, it will not be able to bid for government contracts.
Aside from the obvious benefit, the Cyber Essentials programme will help your organisation strengthen its IT systems, implement the latest cyber security practices and effectively handle and protect customer data.