Ransomware is a type of malicious software which takes control of its victims device and encrypts the data making it unobtainable. The cybercriminal then demands a sum of money (often the digital currency bitcoin) in exchange for returning their sensitive data.
But are organisations now treating ransomware as an inevitable cost of doing business? Unfortunately, this ideology is what allows cyber criminals to sustain their living and fund other illicit criminal activities. In the past few years there has been an astonishing rise in the amount of businesses being targeted by ransomware, a recent survey reported that a staggering 54% of UK businesses have been hit by such an attack.
The problem as a whole is conflicted by the ‘what came first the chicken or the egg’ kind of debate. Many people find themselves going round in circles, they don’t want to toy with the idea of humouring these hackers, but they often feel they have no way out- if they want to retrieve their data they must pay the ransom.
According to the Guardian, Cyber Security company Malwarebytes suggested that over half of UK businesses would eventually pay the ransom if their important data was encrypted. Considering an increasing amount of UK businesses are being targeted on a daily basis this is a difficult statement to digest.
More recently, these mastermind villains began to target UK schools. They started by cold calling education establishments claiming to be from ‘The Department of Education’ and would ask for the email and contact number of the headmaster. Once they had retrieved this under the guise that they needed to send confidential documents, they would send a .zip file disguised as a Microsoft Word or Excel file, which once downloaded would install the ransomware onto the computer and demand a ransom of £8000.
The culture which normalises gratifying these crooks demands is only adding fuel to the fire. Businesses who accommodate these criminals are not only funding their illicit and most probably lavish lifestyles, they are also passively allowing this cyber-epidemic to spread like wild fire.
Because these hackers are earning such a sterling living, they are incentivised to improve their techniques and really get creative. More recently a hotel in Austria was hit by a Ransomware attack which took over their internal systems and locked guests in their rooms. With the added pressure of panicked guests they were coerced into paying a ransom of 1500 euros.
Over in America there is far more stigma attached to surrendering to the ransom, especially in law enforcement. The FBI’s cyber division assistant director James Trainor, said “Paying a ransom doesn’t guarantee an organisation that it will get its data back—we’ve seen cases where organisations never got a decryption key after having paid the ransom.”
However, whether you would or wouldn’t give into a ransom is not the question you should be asking yourself. Instead, you should be ensuring that you have the cyber defences in place which prevent you from being in such a disastrous situation.
Equilibrium understands the risk Ransomware poses for your business, which is why we offer a service called Ransomware Protect. This works off a cloud based application called Cisco Umbrella and it is proven to block up to 85% of Ransomware intrusions. It is an extremely intelligent application which is able to block malware threats before they even materialise, it analyses them on a global graph of internet activity on a DNS level. If it sees that an IP address has been associated with any malicious ransomware, the request will be blocked before it is even able to take hold of your device.
If you are concerned that your business could be vulnerable to a ransomware attack or you would like some more information on our services, please do not hesitate to get in touch!