Posted 23rd August 2022
According to recent research, in the UK alone, over 40% of businesses have identified themselves as having experienced attacks or security breaches in 2020, costing them more than £16k on average per data breach.
Anyone can be a victim of a ransomware attack. Unfortunately, in most cases many victims will, in desperation, pay the ransomware demand without thinking twice. However, whether you should pay it or not is hotly debated.
Ransomware is malware created to block a user from accessing their files on PCs, laptops and servers. It can enter an organisation’s IT systems in multiple ways, including through vulnerable web servers, files downloaded from websites, an email link or attachment that looks safe but isn’t, infected removable devices such as USBs or external drives, and remote access applications on shared systems.
Once infected with ransomware, your files are encrypted, and (potentially) the only way to get access to them is by making a ransomware payment.
In the UK, paying a ransomware demand is not considered an offence, although the national security authorities (HMG) do not encourage ransom payments and advise businesses against making them.
The increase in cybercriminal activity in recent years has cost companies and the government billions, both in damages and in finding solutions to protect their data. When information is successfully encrypted, getting the encryption key from the attackers could be the only solution. This is where regular backups and business continuity planning are essential: they provide alternative solutions.
For cybercriminals, this is big business. Larger payments are being demanded, and these are often paid. Confidential and personal data is also stolen in the process if the ransom is not paid. There is, of course, nothing to stop them from copying your data for resale even if you do pay them.
Before you decide whether to pay, it is worth consulting with a professional to find out if the threat is real or not. If the threat is real, your business cannot function without retrieving the stolen data, and you have no option to restore from a backup, then careful consideration and evaluation are needed of the potential effect that paying or not paying will have on your reputational, commercial and legal standing.
It will depend on the type of ransomware infection you have. Our professional team may be able to find a way to decrypt the strain, especially if it is a poorly written one. In this case, all will not be lost. This is also where keeping regular backups and an inventory is crucial, so that data can be rapidly restored.
Paying for ransomware doesn’t always work out for the best. There is no guarantee your data will be returned, and attackers can learn more about your systems and business during a negotiation, which means you may be more open to a future attack. Your systems and infrastructure will also need to be replaced to ensure effective security, at your own cost.
As well as this, paying the demand ultimately funds criminal activity. However, the decision whether to pay or not is a personal one made by the company involved and will be dependent on a number of factors.
It’s vital to ensure that your systems and teams are well prepared in the event an attack does happen by ensuring that your security measures have been fully evaluated. Being proactive will help you in the long run, so it’s important that stringent security measures are in place to prevent any attacks before they happen.
Unfortunately, once you have suffered a ransomware attack, it is unlikely you will be able to trust that your IT infrastructure is completely clear of it. Replacing your IT infrastructure can be costly. It is believed that 60% of small businesses close within 6 months of suffering a data breach or a cyberattack, which is why we believe that prevention is better than cure!
Here are a few suggestions:
Knowledge is Key: Educate your teams and staff about cyberattacks and phishing. However, while training your employees can go a long way towards preventing users from clicking on a questionable attachment or link, this is only part of the solution. Find out more about our Cyber Security Awareness Training.
Plan and Protect: Book a meeting with Lee, our Cyber Security Lead, so we can help establish the right protocols for more secure data. There are many ransomware and cyber security strategies and technologies that can be implemented to protect your business. Examples include (but are not limited to) software and training to combat email phishing, and securing endpoints with Anti-Ransomware detection and remediation. Then, if the worst happens, there is having a good backup strategy and Cyber Insurance. If you want to take a more proactive approach, then we can look at more aggressive threat-hunting and threat intelligence to deeply scan the devices and network for abnormal behaviour, finding that lurking threat rather than passively waiting.
Detecting Threats: Detect threats before they happen by using critical malware detection software and advanced detection technologies. These can help in finding any variants across similar threats, so you block them before they can happen again.
Back up your data! Not just the critical systems: back up everything, and make sure the backups are not held in the same place as your data.
Business Continuity Planning / Disaster Recovery: There is much more to business continuity planning / disaster recovery than backups!
Dark web monitoring: Are the passwords to your systems being sold on the dark web? We can monitor the dark web and alert you to any passwords that have been compromised in relation to your email domain.
Password Hygiene: Prevent unauthorised access to some of your systems by ensuring everyone understands the importance of passwords. Do you have a password vault/keeper in use across your business?
Penetration testing: Whilst the best thing may be not to pay the demand, it’s vital to protect your business before it happens, by investing in valuable assets that can help to mitigate the issue. Test your systems regularly to make sure they are robust enough, and if not, find trusted IT professionals to advise you.