How to beat ransomware attackers at their own game – IT Governance UK Blog
Ransomware – malware that aims to prevent victims from accessing their data unless they pay their attackers – seems to be in the news more than ever before.
Sophos’s most recent annual ransomware survey, The State of Ransomware 2021, found that 37% of organisations surveyed in 2021 had been affected by ransomware in the previous year.
Although this is a year-on-year reduction (51% of surveyed organisations were affected in 2020), the threat remains significant.
The only real way of beating ransomware attackers is to avoid paying them.
Paying ransoms is seldom a good idea. By doing so, you confirm that you’re a viable target and encourage further attacks, plus you might not even regain access to your data anyway – Sophos found that those organisations that paid a ransom got only 65% of their data back.
However, it’s easy to understand why some victims might feel it’s their only option, especially if they were unprepared for an attack and its effects.
So, what should you do to prepare for ransomware attacks and safeguard your organisation?
- Keep your technical security measures up to date
Ensuring your software is kept up to date with the latest patches will close known security vulnerabilities, and deploying anti-malware and antivirus solutions will identify the latest threats.
- Test for security vulnerabilities
A programme of regular vulnerability scanning and penetration testing will identify and test the extent of new security vulnerabilities as well as old ones that have been reintroduced into your systems, for instance as part of network changes.
Ransomware attackers rely on the simple fact that you need your data in order to work.
If you lose access to your data, you need to know that you have a recent, uninfected backup copy securely stored, either on a local device that’s isolated from your (infected) network, or in the Cloud.
Most ransomware – like other types of malware – is delivered via phishing attacks.
Training your staff to understand this threat, and know what to look out for and what to do if they fall victim is essential.
- Deploy incident response plans
If you are unfortunate enough to fall victim to ransomware, you need to identify and respond to the attack as quickly as possible. Robust cyber incident respond management planning will ensure you can get back to business as usual.
Cyber Security as a Service
If that all sounds like an overwhelming set of guidance, don’t worry. You can outsource your cyber security needs to the experts.
With Cyber Security as a Service, you get:
- Dedicated cyber security experts who will provide direction and guidance on securing your organisation, based on an assessment of your current cyber security posture. We take the pain out of cyber security so you don’t have to worry about it.
- Cyber incident response management planning to help you identify and treat incidents, and quickly return to business as usual.
- Vulnerability scanning and assessments to spot weaknesses that crop up inside and outside your organisation, so you can act immediately.
- Emergency legal support for those ‘just in case’ moments.
- Pre-written policy and procedure templates to ensure your documentation is complete and in line with best practice.
- An unlimited cyber security advice line for day-to-day peace of mind.
- Staff awareness training to reduce the threats that staff can pose both working remotely and in the office.
- A knowledge pool of newsletters, webinars and security updates to share with staff, senior management and stakeholders.
- Cyber insurance cover of up to £500,000 for additional peace of mind.