Ransomware is still the favourite choice of hackers because it is so simple and effective. Unsuspectingly, you click on a link in an email or install a download, and suddenly your computer locks up. A message appears on the screen saying ‘Your data has been encrypted, pay ten Bitcoins to unblock it’. What do you do? How can you prevent ransomware attacks? And what should you do if your organisation does get hit? You can read the answers to these and other questions about ransomware in this blog.
Every two seconds, a company or person somewhere in the world becomes a victim of a ransomware attack. In the United Kingdom, ransomware is also causing considerable damage: between 2021 and 2022, there was a 70% increase in the number of ransomware attacks.
According to cybercrime statistics, by 2022:
of cyber incidents in the UK affect personal data.
paid ransom to regain access to company data.
indicated that in addition to ransomware, other costs are created.
First things first: what exactly is ransomware? Ransomware is a form of malware that literally “holds” computers hostage. In a ransomware attack, a company or individual’s ICT systems are infected with a computer programme that encrypts the data in the system. The data is then inaccessible to those affected. In exchange for a ransom, the cybercriminals lift the encryption again. They usually ask for cryptocurrencies such as Bitcoin in ransomware attacks, as these are more difficult to trace than official currency.
A worrying development in the use of ransomware is that cybercriminals are no longer limited to demanding ransoms, but are also committing other crimes such as extortion, theft, fraud or abuse. The nature and seriousness of the offences is increasing and with it the damage to victims.
Moreover, a ransomware attack also burdens companies with other costs, such as replacing ICT systems or hiring ICT specialists. Furthermore, they often suffer loss of revenue, as the business is temporarily not fully functional. Many also enlist the help of a cyber security firm or the police. In a nutshell, the direct and indirect damage caused by a ransomware attack can be quite substantial.
Not surprisingly, more and more insurers are offering coverage for cybercrime damage in their business insurance policies. Whether the ransom sum is also covered is, incidentally, increasingly debated.
The cybercriminals behind ransomware attacks are difficult to track down. Because it is difficult to identify them, they are not often prosecuted. Moreover, the willingness of companies to pay the requested ransom is high, as the attackers quite often threaten to expose or destroy sensitive information. Companies affected by ransomware often fear reputational damage, which is why they are not keen on negative publicity.
Prevention is better than cure. As many as 74% of ransomware attacks are triggered by a human action. For cybercriminals, it does not matter whether you are a large organisation or a sole trader, a healthcare organisation or a commercial company. ‘Opportunity makes the thief’ is their modus operandi, so all they need is a way to enter your business environment.
That way in can be a software download, a stolen password or a click on a link in an email by an unsuspecting employee. Use these tips from the Consumers’ Association to reduce your chances of coming into contact with ransomware or other malware:
Install a good virus scanner on all devices with an internet connection. Also pay attention to when the licence expires: the virus scanner will still work after that, but it will no longer be updated with information about the most current cyber threats.
Keep all software on your devices up-to-date. Install updates to your operating system, internet browser, browser add-ons and other programmes as soon as they are offered. On business devices, the IT department sets up updates to run automatically.
You can also check whether the message is true through another channel, for example by calling the sender and asking, “Is it true that you just emailed me?”.
Do not enable macros in Office documents you have received from third parties, especially if the document asks for them.
Ransomware is often an executable .exe file disguised as another type of file, for example a PDF document. If you enable the display of file extensions, you can see what type of file it really is.
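The check behind that last tip can also be automated on a download or attachment folder. The following is an added example, not part of the original blog: it flags files whose name ends in a document extension followed by an executable one, and files with a document extension whose first bytes are the "MZ" marker of a Windows executable. The extension lists and sample files are assumptions constructed for the illustration.

```python
from pathlib import Path
import tempfile

# Extensions Windows runs directly (short, non-exhaustive list assumed for this example).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs"}
# Extensions a user expects to be a harmless document or image.
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png"}


def classify(path: Path) -> str:
    """Return 'double-extension', 'header-mismatch' or 'ok' for one file."""
    suffixes = [s.lower() for s in path.suffixes]
    # invoice.pdf.exe: with extensions hidden, the file manager shows "invoice.pdf".
    if (len(suffixes) >= 2 and suffixes[-1] in EXECUTABLE_EXTS
            and suffixes[-2] in DOCUMENT_EXTS):
        return "double-extension"
    # Windows executables begin with the bytes "MZ"; none of the document
    # formats listed above begins with them.
    with path.open("rb") as fh:
        header = fh.read(2)
    if suffixes and suffixes[-1] in DOCUMENT_EXTS and header == b"MZ":
        return "header-mismatch"
    return "ok"


def scan(folder: Path) -> dict:
    """Classify every regular file under folder, keyed by file name."""
    return {p.name: classify(p) for p in sorted(folder.rglob("*")) if p.is_file()}


def demo() -> dict:
    """Build constructed sample files in a temporary folder and scan them."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "report.pdf").write_bytes(b"%PDF-1.7\n")       # genuine PDF header
        (root / "invoice.pdf.exe").write_bytes(b"MZ\x90\x00")  # executable named like a PDF
        (root / "photo.jpg").write_bytes(b"MZ\x90\x00")        # executable header, image name
        (root / "setup.exe").write_bytes(b"MZ\x90\x00")        # honestly named executable
        return scan(root)


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{verdict:17} {name}")
```

A hit is a reason to quarantine the file and have it inspected, not proof of ransomware; an honestly named installer such as `setup.exe` is reported as `ok`.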
Through technology, many but not all cyber risks can be mitigated. A mistake is easily made. A link is clicked in an instant, resulting in a lot of trouble. That is why it is very important to properly inform your employees about the dangers of ransomware and how they themselves can stay alert.
Zenya BOOST can help you do just that. With BOOST, you develop effective and coherent awareness campaigns that create context and understanding and engage people on the topic of cybercrime. This helps people understand why it matters. By creating awareness, they know how to recognise ransomware and deal with it wisely.
Discover the possibilities of putting together the ultimate awareness campaign within Zenya BOOST.
Central Statistics Office. (2023, August 3). CyberSecurityMonitor 2022. Referenced from: https://www.cbs.nl/nl-nl/longread/rapportages/2023/cybersecuritymonitor-2022
Freeze, D. (2023, July 10). Global ransomware damage costs predicted to exceed $265 billion by 2031. Cybercrime Magazine. Referenced from: https://cybersecurityventures.com/global-ransomware-damage-costs-predicted-to-reach-250-billion-usd-by-2031/