nlenbe-nlThe best software for quality and risk management.

What is ransomware and how can you prevent a ransomware attack?

Ransomware is still the favourite choice of hackers because it is so simple and effective. Unsuspectingly, you click on a link in an email or install a download, and suddenly your computer blocks. A message appears on the screen saying ‘Your data has been encrypted, pay ten Bitcoins to unblock it’. What do you do? How can you prevent ransomware attacks? And what should you do if your organisation does get hit? You can read the answers to these and other questions about ransomware in this blog.

Every two seconds, a company or person somewhere in the world becomes a victim to a ransomware attack. In the United Kingdom, ransomware is also causing considerable damage: between 2021 and 2022, there was an 70% increase in the number of ransomware attacks.

According to cybercrime statistics, by 2022:

  • 23% of cyber incidents in the UK affect personal data;
  • 31% paid ransom to regain access to company data;
  • 38% indicated that other costs were incurred.

23%

of cyber incidents in the UK affect personal data.

31%

paid ransom to regain access to company data.

38%

indicated that in addition to ransomware, other costs are created.

What is ransomware?

First things first: what exactly is ransomware? Ransomware is a form of malware that literally “holds” computers hostage. In a hostage software attack, a company or individual’s ICT systems are infected with a computer programme that encrypts the data in the system. These are then inaccessible to those affected. In exchange for a ransom, the cybercriminals lift the encryption again. They usually ask for crypto currencies such as Bitcoins in ransomware attacks, as this is more difficult to trace than official currency.

Facts and figures on ransomware

  • Damage from ransomware and ransom payments increased to more than $20 billion worldwide in 2021. This figure is expected to rise to more than $265 billion by 2031.
  • 37% of all businesses and organisations worldwide were hit by ransomware last year. This figure is also expected to rise further every year.
  • Recovering from a ransomware attack comes at a high cost. Larger companies lost an average of $1.85 million (lost revenue and additional costs) in 2021.
  • Paying ransom does not give any guarantee. Because although 31% of victims pay the ransom, on average they get back only 65% of their data or, in the worst case, nothing at all.
  • Malware as a whole increased by 358% in 2020 and ransomware by 435%.
  • Not everything can be repaired: only 57% of ransomware attacks were successfully repaired by backups.

Heavier crimes, high costs and catastrophic consequences

A worrying development in the use of ransomware is that cybercriminals are no longer limited to demanding ransoms, but are also committing other crimes such as extortion, theft, fraud or abuse. The nature and seriousness of the offences is increasing and with it the damage to victims.

Moreover, a ransomware attack also hounds companies with other costs, such as replacing ICT systems or hiring ICT specialists. Furthermore, they often suffer loss of revenue, as the business is temporarily not fully functional. Many also enlist the help of a cyber security firm or the police. In a nutshell, the direct and indirect damage caused by a ransomware attack can be quite substantial.

Wat is ransomware?

Not surprisingly, more and more insurers are offering coverage for cybercrime damage in their business insurance policies. In doing so, incidentally, it is increasingly debated whether the ransom sum is also covered.

What can you do against ransomware crime?

The cybercriminals behind ransomware attacks are difficult to track down. Because it is difficult to identify them, they are generally not often prosecuted. Moreover, the willingness of companies to pay the requested ransom is high, as they are quite often threatened to expose or destroy sensitive information. Companies affected by ransomware often fear reputational damage, which is why they are not keen on negative publicity.

Preventing ransomware attack

Prevention is better than cure. As many as 74% of ransomware attacks are triggered by a human action. For cybercriminals, it does not matter whether you are a large organisation or a sole trader, a healthcare organisation or a commercial company. ‘Opportunity makes the thief’ is their modus operandi, so all they need is a way to enter your business environment.

For example, via a software download, a stolen password or a click on a link in an email by an unsuspecting employee. Use these tips from the Consumers’ Association to reduce your chances of coming into contact with ransomware or other malware:

Tips om een ransomware aanval te voorkomen

Tips to prevent a ransomware attack:

1. Antivirus programme:

Install a good virus scanner on all devices with an internet connection. Also pay attention when the licence expires, the virus scanner will still work after that but will not be updated with information about the most current cyber threats.

2. Software-updates:

Keep all software on your devices up-to-date. Install updates to your operating system, internet browser, browser add-ons and other programmes as soon as they are offered. On business devices, the IT department sets up updates to run automatically.

3. Suspicious emails, texts or apps:

You can also check whether the message is true through another channel, for example by calling the sender and asking, “Is it true that you just emailed me?”.

4. Third-party office documents:

Do not enable macros in Office documents you have received from third parties, especially if the document asks for them.

5. File extensions:

Ransomware is often an executable .exe file disguised as another type of file, for example a PDF document. By enabling file extensions, you can see this.

Repairing damage after a ransomware attack

  1. Immediately disconnect the affected computer’s network connection to reduce the risk of further spread.
  2. Remove any USB sticks from the computer and keep them separate, as they could also be infected.
  3. Report it to all concerned: contact your supervisor, the IT department and your organisation’s IT suppliers.
  4. As an organisation, are you considering paying the ransom? Be aware that this gives no guarantee of getting your data back. Indeed, sometimes the criminals ask for even higher contributions in the second instance. Moreover, this is how you keep these criminal activities going.
  5. Your organisation’s IT department can try to decrypt the encrypted files themselves, for example using the recovery programmes available on No More Ransom, an initiative of the police and Europol, among others. Note: it is not certain that the available programmes will work well against the ransomware your computer has been infected with.
  6. Have your computer properly scanned and cleaned by a computer expert who understands ransomware.
  7. Did decryption fail? Then try to limit the damage by restoring a good recent backup. Therefore, make regular backups of your important data and documents.
  8. Report it to the police!
  9. Is there a data breach within the meaning of the General Data Protection Regulation, for example because files containing personal data have been encrypted? If so, report this to the Personal Data Authority within 72 hours.

Creating awareness around ransomware

Through technology, many but not all cyber risks can be mitigated. A mistake is easily made. A link is clicked in an instant, resulting in a lot of trouble. That is why it is very important to properly inform your employees about the dangers of ransomware and how they themselves can stay alert.

Zenya BOOST can help you do just that. With BOOST, you develop effective and coherent awareness campaigns that create context and understanding and engage people on the topic of cybercrime. This helps people understand why it matters. By creating awareness, they know how to recognise ransomware and deal with it wisely.

Discover the possibilities of putting together the ultimate awareness campaign within Zenya BOOST.

Sources:

Central Statistics Office. (2023, Aug 3).CyberSecurityMonitor 2022. Referenced from: https://www.cbs.nl/nl-nl/longread/rapportages/2023/cybersecuritymonitor-2022

Freeze, D. (2023, 10 july). Global ransomware damage costs predicted to exceed $265 billion by 2031. Cybercrime Magazine. Referenced from: https://cybersecurityventures.com/global-ransomware-damage-costs-predicted-to-reach-250-billion-usd-by-2031/

Discover Zenya BOOST

Request the brochure to have all the information easily to hand.Download the brochure for Zenya BOOST.

Free demo available

Want to see for yourself what Zenya BOOST can do for your organisation?

Request a free demo »

Do you want more information about Zenya BOOST?

Read all about it on the Zenya BOOST page. On this page, you can also request a free demo.