Ransomware Steps up a Gear and Demands Action

The risk of ransomware has been growing for businesses as their dependence on technology and the digital world continues to increase. While it’s an issue that’s been around for years, hackers are stepping up a gear to take advantage of the rising use of the cloud, the internet of things, and other areas of technology that create points for criminals to exploit.

Ransomware is a malicious piece of software that’s designed to block access to a computer and all its files until demands to pay a sum of money are met. While security professionals and law enforcement often urge businesses not to meet demands, many firms, facing operational risks and in need of accessing their IT infrastructure, do make payments. These can sometimes total tens of thousands of pounds.

There’s now an increasing trend of malware that looks like ransomware but proceeds to destroy files whether payment is made or not, leading to the method being dubbed ‘ranscam’. It’s not just individuals that are being attacked but businesses and public services too. The growing use of malware places services and firms at significant risks but there are steps that can be taken. One attendant of the RSA Conference 2017, which looked at the latest security tech and industry best practices, argued that simply sharing information was a step in the right direction, allowing threat sources to be identified and protecting more potential victims.

From a personal perspective, all businesses should now be taking steps to increase their level of protection. As reliance on digital solutions grows and more firms turn to the cloud to store their data, it’s becoming more important to implement security measures. Fortunately, there are some straightforward methods that can be implemented across organisations to reduce risks:

Be prepared – A ransomware or ranscam attack can cause immeasurable damage to a business. The most reliable method of protecting your critical data is to have it backed up, ensuring you can recover systems should they become infected. Some malware can affect data on shared networks and removable drives, so choose an offline environment.

Take a layered approach – Don’t rely on a single solution to provide protection from viruses. Instead, take a layered approach that utilises different technologies that complement each other to step up the level of protection.

Manage privileges – Setting levels of privileges for different employee groups can help minimise the damage that a piece of malware can do. A ransomware or ranscam will typically operate within the same privileges of the victim, allowing you to effectively compartmentalise the risks.