What’s been happening?
Since the pandemic began fraudsters have deployed sophisticated attacks to target people online.
The vaccine rollout has been another opportunity to take advantage. Action Fraud received 57 reports of fraud in relation to Coronavirus vaccines on January 7th. Phishing emails have also increased – in 2020 £242k was lost due to emails where the sender claimed to be DPD.
In December 2020, over £2 million was lost to criminals impersonating well known broadband providers. As cyber threats continue to grow, we are going to explain what ransomware is and what you can do to defend against it.
What is ransomware?
Ransomware is a piece of malicious software that locks your device or encrypts your data. The attacker then demands payment to have it unlocked. You are literally held to ransom by the attackers until you pay.
These unsolicited emails often appear to come from well-known, reputable organisations like a bank or a delivery company. So should you pay? Absolutely not!
The best defence is prevention. Here are 5 tips to protect you from ransomware attacks:
1.Don’t pay the ransom
First of all, you have no way of knowing if the criminal will release the lock or encryption even if you hand the money over. The attacker often runs off into the cyber sunset with your money AND keeps your device locked! One in every five companies pay the ransom and their devices remain locked and/or they never receive the promised decryption key. The FBI made this point in a statement they issued last year.
Secondly, by giving the attackers custom you are actively helping to create the market. The best thing we can all do is resist this type of malicious crime by reporting and preventing it.
2. Stay calm
When confronted with a locked PC and a short time limit to pay your ransom, your first reaction may be to simply make the problem go away. These threats are designed to exert psychological pressure to make you act quickly.
Don’t take the bait! Take a deep breath and remember what you have been taught to do in this scenario. If you aren’t sure what action you should take, ask.
3. Know how to recognise a threat
Knowledge is power where ransomware is concerned. The three main types of ransomware to learn about are spam, spear phishing and watering hole attacks. While spam and spear phishing tend to target individuals, watering hole attacks are designed to attack users in an organisation.
This is why it is essential to have supply chain security guidance in place. A Cyber Essentials accreditation is an excellent starting point for your company. We can offer guidance on how to gain a Cyber Essentials accreditation. The accreditation is available to organisations of any size in any sector.
4. Report spam
Don’t open any suspicious emails or links. If you do receive them, you should follow your organisation’s internal process and report them immediately.
You should report all data breaches to the ICO within 72 hours.
If you are not sure if something is spam and you’re worried about getting it wrong, report it anyway. It is always better to be safe than sorry!
5. Update your software and back up data
Your anti-virus software should be regularly updated. You should also back up your data daily or weekly at a minimum. This means that in the event of a ransomware attack leading to the loss of data, you will hopefully not have lost too much.
Cyber security is a constantly evolving threat. This means we have to stay diligent at all times, as individuals and in the workplace.
How we can help
Our KubeNet Managed Firewall Service (KMFS) protects your network and offers the benefit of increased management without on-site maintenance fees.
As a Network and Device security specialist and a Cisco Premier Partner, we have a range of products and solutions for all sizes of businesses. We can offer free trials of Cisco Umbrella which provides an excellent level of initial protection on your devices whether you are working in the office or from home, and from £3.75 per device per month it provides excellent value for money
We also offer a Managed Vulnerability Scanning service to analyse your network and identify security weaknesses. We provide guidance and advice on the best course of action following your results.
Please get in touch on 0800 6681 266 or firstname.lastname@example.org to speak to one of our cyber security experts.