Ransomware steals headlines year on year. ‘The Uninvited’ malware can cause quite the fright, especially if it ‘Comes at Night’ and encrypts your data; restricting access to computers files and systems before requesting payment.
No organisation or sector is immune. Since the first ever ransomware attack believed to be in 1989, it’s become one of the fastest growing malware, used to extort individuals and organisations. Its popularity among criminals signifies the importance of having a fundamental mitigating strategy, especially when considering the attacks in 2017/18.
Given the negative outcomes and implications of becoming a ransomware victim. ‘IT’ is vital that measures are in place to prevent attackers from ‘emerging from the sewers’ to float malware through your systems, and abuse security gaps.
Here’s a few measures to help avoid this:
You need to address the fundamentals surrounding ransomware by frequently updating and patching outdated systems (including endpoints using patch management systems). This can help to avoid a ‘Friday the 13th’ scenario causing ‘Misery’ throughout your organisation. Engage with your employees’ awareness through regular training and updates on the latest trends. Equip them with the ability to recognise threats, specifically social engineering tactics, such as phishing – a primary attack vector for ransomware.
You could consider creating a zero-trust model, decreasing attackers’ capabilities to breach the network and access resources especially as attack surfaces increases. It’s also important to frequently backup files and critical assets and store them offline or on a separate network. Don’t forget the use of multi-factor authentication (MFA) combined with access management can help strengthen defensive strategies too. And just in case, have a data breach response plan at the ready, trialed and tested, to ‘Get Out’ of a bad scenario!
Should you pay?
Without these measures, you’re more likely to come face-to-face this question.
Sadly, an organisation may pay indirectly through reputational damage, disrupted services and potential GDPR fines as sensitive data and other resources are targeted. But should you really pay a ransom? The outcome of doing so will most likely result in the criminal(s) returning like Michael Myers’ continual appearances over the decades. If you pay up once, they’ll keep coming back for more.
Even if you pay, it doesn’t guarantee that you’ll receive stolen data back from the criminal not to mentioned what unknown ‘Entity’ you could be funding. It’s best to avoid encouraging further malicious actions by not paying, which will help prevent your organisation from being caught in a loop of ‘Nightmare on Elm Street’.
Don’t be a victim of the ‘trick’ in ‘trick or treat’ this Halloween. Ensure your fundamentals are sorted and receive the treat of avoiding ransomware!
For more information on actions that you can take against ransomware, check out this resource from the NSCS: https://www.ncsc.gov.uk/guidance/mitigating-malware-and-ransomware-attacks
Happy Halloween!
Another great opportunity to focus on cyber security is also just around the corner. We’ll be covering key aspects of security best practice and the latest threat mitigation information. Be quick, booking closes on November 2. Book your free ticket to the Jisc security conference, 9-11 November 2021
2 replies on “Ransomware Scare – Halloween Special”
Spooktacular post Anthony!
Just to note that Jisc and NCSC supports the National Crime Agency recommendations to not pay ransoms and paying may also be against the terms of your Funding Agreements.
If any education and research sector readers need assistance with dealing with a ransomware attack please contact Jisc CSIRT https://www.jisc.ac.uk/csirt
Awesome article Anthony, super informative!