You may have heard the term ‘ransomware’ frequently in recent months, this is because attacks have increased rapidly over the last year. Ransomware is constantly finding new ways to attack its victims, but we can offer advice on how to defend your business.

How does ransomware work?

All ransomware finds its way into your system through a malicious file, these are most commonly downloaded into your system from a spam email attachment or a visit to a website which has been infected. The download then begins to encrypt files on your network. Usually it will target everything, but there are some which will attack very specific and important documents. 

While this is happening you will be completely unaware, until the point a ransom note is displayed on the screen and your system is locked down. Usually the ransom is for a large amount of money with a threat of file deletion for non-payment, accompanied by a ticking clock. While your system is under lockdown, you will not be able to do anything with your computer, except open the program to pay the ransom. The ransomware is designed to scare you and the threat of losing important documents puts large pressure on businesses to pay, especially where sensitive data could be stolen.

The advice from experts is not to pay the ransom. Despite this, it is reported that the majority of companies do pay. However, there have been many cases were companies have paid the criminals, only for their files to still end up deleted.

Nobody is safe

One of the most high-profile ransomware attacks happened in May, when a number of NHS hospitals were shutdown. It was later revealed that the ransomware was known as WannaCry, which is also known to have attacked a number of high-profile government departments and businesses in other countries. Whether you are a large or small business, it is important to stay alert, as cyber security can be an issue which affects anyone. Remember to double-check any suspicious or unexpected emails with an attachment before beginning a download, as they can look completely innocent. 

Targeted attacks

Many businesses display their employee emails online, to make it easier for outsiders to contact people within the organisation. If a ransomware attacker is looking to specifically target your business they may use personal email addresses as a way to gain access. They could target everyone in the business from the CEO to the receptionist. As ransomware becomes more advanced in its techniques, there have been many cases where emails are sent from one employee to another with an infected attachment. These strategies work because employees do not take closer looks at where the email has come from, it might not actually be from their colleague. This means it is important to train all staff to be on the lookout for suspicious emails. 

Increase in attacks

As the technology behind the ransomware attacks develops, the number of infected businesses is rapidly increasing alongside the level of money demanded. If you are worried about your online security, try to remember that 99% can be avoided through proper staff training. 

How to protect your business

All businesses should have staff training in place to protect the network from cyber attacks. This training needs to be constantly evolving to maintain pace with the changes and developments in the ransomware attacks. A proactive plan put together by the management team with an IT support team, can reduce vulnerabilities. 

There is a Microsoft patch for any systems still running on Windows XP, Windows Server 2003 and Windows 8. This can be downloaded for free from the Microsoft website. If you are still using one of these outdated operating systems it is probably time to upgrade. An upgrade will improve firewalls, encryption and provide improved protection from malware. 

Staff training and secure systems can help protect against the majority of ransomware attacks, but if you are still concerned, an IT service provider such as ourselves can provide the increased protection your business needs. We can proactively monitor your network around the clock to ensure you are secure. As the attacks are constantly evolving, we pride ourselves on staying abreast of any new developments to ensure we can provide the best possible internet security.