If British businesses weren’t familiar with ransomware attacks they’re about to be.
Security firm ESET has tracked a rising number of ransomware attack aimed at the UK. Using its LiveGrid telemetry, ESET was able to discern that 25 percent of all the UK’s cyberattacks were ransomware attacks. That puts the UK on top of the ransomware hit list. No other country has had such a disproportionately high amount of ransomware attacks recorded.
Much like a normal ransom, the goal of a ransomware attack is to lock out victims from their data or even destroy the data, if the victim doesn’t pay a set amount of money. Once the money is in the hands of the criminals they release the data back to the victim. This is the most likely scenario, however there have been recorded instances in which a victim pays the fee and never receives their data back. There have also been cases in which victims have paid the ransom and the attackers continue to extort money from them by asking for more.
The crack team over at ESET warns the global digital community to be wary of emails as it seems that spamming inboxes with emails chock full of malicious attachments is one of the main ways that cybercriminals are penetrating user systems. Emails coming from unknown senders and sources should be automatically deleted. Companies should be implementing email handling protocols and enforcing them ruthlessly.
Ransomware is difficult to handle but not impossible.
It needs a little time, quite a bit of dedication and above all, consistency in execution. Needless to say, systems should be equipped with the best security software that the company or individual can afford. Patches should be installed and updates, well, updated. Finally, the need to back up data on different physical devices has never been greater. Now, while all these practices seem to be no-brainers, you may be surprised how very few companies actually follow through with them, and therein lies the opening that ransomware attackers need and look for.
On top of the lackadaisical approach to security, updates and back-up that a surprising number of companies take, there is also the very real fact that these cybercriminals are continuously stepping up their game. Their attacks are more eloquent, more targeted, more prolific and more effective than ever before. Take the Dogspectus ransomware exploit, for example. It can self-install onto an Android smartphone, lockout the user and demand payment in bitcoin. So great is this problem that even law enforcement agencies are having a difficult time handling it. The Federal Bureau of Investigations (FBI) now regularly calls upon the services of private security firms to help deal with ransomware attacks.