What is Ransomware & how to guard against it?

Ransomware can be used to take valuable business data hostage. Here’s a closer look at how ransomware works and what your business can do to protect against it.

If your business is hit by a ransomware attack you could be left without access to crucial business data, crippling your ability to trade and worse put you at risk of litigation from your customers.

Ransomware for consumers may be on the wane, but it’s a growing threat for business owners and corporations of all sizes, where it has the potential to have a devastating effect on your company’s reputation and profitability.

What is it?

Ransomware is a type of malware which blocks its targets out of their computer systems with the aim of extorting money.

Scammers using ransomware usually do this in one of two ways, by either:

  • Threatening to permanently deny access to computer systems
  • Threatening to publish sensitive data online

In both cases they demand a ransom in exchange for removing the ransomware from your computer systems and restoring your access to your data.

The ransom amount itself can vary significantly, with some scammers opting for lower amounts in the hope more people pay up and others asking for thousands of pounds.

What businesses are at greatest risk?

Any individual or business could be a victim of ransomware – no matter what the size or business sector.

However, are more prone to attack than others, with healthcare and financial services at greatest risk.

It’s estimated that 45% of all ransomware attacks target healthcare organisations, while 90% of financial services companies surveyed in 2017 had been targeted by an attack in the last 12 months.

It’s likely that cyber criminals target these industries because of the sensitive nature of the data they hold. With healthcare companies they also have less time to respond before patients are put at risk making them more likely to pay the ransom.

The financial sector is also particularly susceptible because of the amount of high value data they hold. A bank, insurer or broker have personally identifiable information (PII) that could be worth a lot to cyber criminals making them an attractive target.

Types of ransomware

There are two main types of ransomware:

  • Crypto ransomware: which encrypts the files on your computer so you cannot get access to them.
  • Locker ransomware: which doesn’t encrypt your computer files but instead locks you out of your device until you pay a ransom.

You can find more examples of recent ransomware attacks on the Kaspersky website.

How to avoid ransomware

There are several steps you can take to reduce the risk of falling victim to a ransomware attack:

  • Keep your software updated: ensure you install any operating system updates and patches. This should help reduce your vulnerability to attack.
  • Only install software you trust: don’t install anything unless your know what it is, what it does and where it’s come from. Many ransomware attacks only succeed due to human error, so be extra cautious before installing anything on your computer.
  • Use anti-virus software: and make sure you keep it up to date. This could prove vital in warning against suspicious software before it gets access to your computer systems.  
  • Consider a whitelisting programme: they work by controlling which applications can make changes to your computer. While they can feel intrusive because you often need to grant permission by “whitelisting” each time they could also block ransomware you’ve missed.
  • You should back up all your files on a regular basis just in case, ideally this should be done automatically so you don’t forget.

Also, back-up your data offline, there are some ransomware attacks that can detect online backups and block your access to them as well. An offline back-up is still the safest way to ensure you can keep access to your information should your computer be infected.

You can find more tips on how to avoid ransomware attacks on nomoreransom.org.

Protect your business with the right cyber cover

Even when you adopt the best precautions it’s prudent to have robust contingency plans in place.

A decent cyber insurance policy can offer crucial financial protection should you be hit by ransomware and will help get your business back on its feet following a cyber-attack.

Ransomware attacks are covered by most cyber insurance policies and this would then be treated as a policy claim.

You can read our guide on what cyber insurance covers for a detailed look at what it can cover.

5 Facts about Ransomware for SME's

Should you pay the ransom?

Most industry experts advise against paying the ransom if you’ve been attacked. This is for several reasons:

  • Paying the ransom just confirms to the scammers that ransomware works.
  • There’s no guarantee you’ll get the decryption key you need to regain access to your data.
  • Many types of ransomware have already been decrypted by security professionals – you can see a list on the nomoreransom website

If you have cyber cover in place, they will usually offer guidance on the best course of action to take to regain access to your data.

How much is the average ransom?

This can vary hugely, both by industry sector and by the type of ransomware attack.
The latest figures from Coveware put the average at over $36k.
Unfortunately, the true total cost to your business could be much, much higher, especially when you factor in secondary costs like business down time during an attack and damage to your brand reputation going forward.

How does ransomware spread?

The most common way ransomware is spread is via phishing emails.
These usually get you to install malicious software which then contains ransomware. You can find out more about how Phishing attacks work and by reading our guide: How to Protect Your Business from Phishing attacks.

Can ransomware be removed?

Some types of ransomware can be removed without paying the ransom, but it depends on the type of ransomware you have been infected by.
Several security firms, including the McAfee, Kaspersky and the European Cybercrime centre have teamed to form the No More Ransom project, which shares ways to remove the ransomware they’ve been able to decrypt.

Who created ransomware?

Joseph L Popp created the first ransomware called the AIDS Trojan or PC Cyborg Virus in 1989. It was circulated by floppy disk at a World Health Organisation AIDS conference.

Can ransomware infect cloud storage?

Cloud storage in general is more secure against ransomware attacks than traditional computers and laptops, but it 100% immune from attack.

Ransomware FAQs

This can vary hugely, both by industry sector and by the type of ransomware attack.

The latest figures from Coveware put the average at over $36k.

Unfortunately, the true total cost to your business could be much, much higher, especially when you factor in secondary costs like business down time during an attack and damage to your brand reputation going forward.

The most common way ransomware is spread is via phishing emails.

These usually get you to install malicious software which then contains ransomware. You can find out more about how Phishing attacks work and by reading our guide: How to Protect Your Business from Phishing attacks.

Some types of ransomware can be removed without paying the ransom, but it depends on the type of ransomware you have been infected by.

Several security firms, including the McAfee, Kaspersky and the European Cybercrime centre have teamed to form the No More Ransom project, which shares ways to remove the ransomware they’ve been able to decrypt.

Joseph L Popp created the first ransomware called the AIDS Trojan or PC Cyborg Virus in 1989. It was circulated by floppy disk at a World Health Organisation AIDS conference.

Cloud storage in general is more secure against ransomware attacks than traditional computers and laptops, but it 100% immune from attack.

Martin Lane
Written by Martin Lane, Head of Content
Martin is an experienced writer in the financial services sector previously serving as Managing Editor at money.co.uk with regular guest slots on BBC Radio 4 and featured in the national press.

Cyber insurance buying guide for SME’s

2020

BUYING GUIDE FOR CYBER INSURANCE

Free for a limited time