2016 was without doubt, the year where ransomware became a real threat to business’s worldwide. Ireland has not escaped the reach of global cybercriminals. Dell EMC has described it as one of the biggest cyber threats ever, to both SME’s and large multinationals.
Unlike phishing, up 115% in the second quarter of 2016, and where cybercriminals attempt to obtain passwords and other sensitive information using social engineering and malware: ransomware attacks prevent you from accessing your own information. “Generally speaking, ransomware is activated in the same way as any other malware: users are duped into opening an email attachment or following a suspicious link,” said Gerry Murray, Country Manager, Dell EMC Ireland. The ransom demanded can be in the high €100’s or high €1000’s with no business immune from the threat.
IT.ie engineers have many years’ experience in supporting SME’s in Dublin and throughout Ireland and have been on the front line of every cyber threat over the past decade. Our clients often ask us “Can you 100% prevent ransomware from entering our office IT systems”? The honest answer is NO; it is not possible for any IT support service to absolutely prevent an attack on your systems. With our assistance, however, we can help you, the business owner or manager to greatly reduce your chances of an attack. Most attacks, are successful because of the common bad practices by IT systems users. CUBE (See below) is a short guide from IT.ie as to what you should do to mitigate your chances of attack.
- Communicate: with employees to develop a strategy to inform employees if a virus reaches the company network.
- Update: all software, including operating systems, antivirus software and all other applications.
- Back Up: all information every day, including information on employee devices, so you can restore encrypted data if attacked. It is strongly advised that you use an online backup service.
- Educate: staff on cyber security practices, emphasising not opening attachments or links from unknown sources.
What to do if you are attacked? Should you pay? “If you give in and pay the ransom, you’ve directly contributed to the wellbeing of criminality … and there’s unlikely to be a money-back guarantee. “says David Harley, senior research fellow at ESET. There is also no guarantee that you will retrieve all your data. Backing up your data online is the closest you can get to a guarantee that your data will be protected.
Another worrying trend for 2017 is the likely emergence of what’s known as “Jackware”. Stephen Cobb at ESET describes it as malicious software that seeks to take control; of a device. It might seem like something out of a James Bond movie but as more and more devices and systems are linked through a network, the concept of a cybercriminal having control over the key services in a hospital or power plant for example or having control over your fleet of vehicles, is a worrying prospect.
IT.ie can help you to help yourself. If you are prepared, then you can prevent an attack. If we were asked to pick only one weapon in the fight against the cybercriminal, it would undoubtedly be having a reliable “Online Backup service”. While this will not protect you from an attack, it will ensure that your data is safe outside of your network and can therefore be restored. If you implement CUBE, then you will greatly reduce your chances of attack and will ensure that your data is retrievable, should you fall victim to cybercriminals.