Ransomware and steps to help protect your business

15 Aug, 2016

Ransomware is now the most lucrative form of Malware in history. A new report from Malware Bytes now suggests that last year 54% of UK businesses were targeted with an attack. 

Ransomware describes when an attacker has the means to lock your computer and devices or encrypts files so that they cannot be accessed. Your attacker then demands payment in order to restore your device/files.

This form of malware is on the rise and reports suggest that most businesses are not prepared to face an attack. Many businesses do not have the right infrastructure in place and are unable to detect the threat quick enough. Cisco’s Midyear Cybersecurity Report suggests that it takes on average 200 days for a company to identify a threat.

So, how can my business reduce the risk of falling foul to a hacker?

Preventing Ransomware

Cisco advises companies take steps to protect themselves by:

  • Making sure your anti-virus is updated and you have the correct defences in place
  • Timely back-ups of data
  • Improving network hygiene
  • Measures in place to improve threat detection
  • Invest in Information Security Training to protect staff

My files have been encrypted and a pop-up is demanding money. What should I do next?

  • Don’t pay – report to action fraud!
  • Remove system from network to prevent potential spread
  • Restore back ups

The National Cyber Skills Centre and most organisations advise against the payment of ransom demands because:

  • You are not guaranteed to get your data decrypted
  • Further extortion demands may follow
  • It encourages further attacks against other victims and funds cybercrime

There are some free decryption tools available online. “No More Ransom” is a new initiative (announced on July 25th) to help people in America and Europe reduce the risk of being hacked.

The initiative suggests 4 decryption tools for types of ransomware; CoinVault, Cryptokluchen, Rannoh and TeslaCrypt.

Threats can be as simple as opening an email. Are your staff trained to spot fake emails? Do they pro-actively look for something out of place? Book a place on our upcoming Information Security Training Course on 27th September, to minimise threats to your business.

 

Sources: The Guardian, IT Pro Portal, Data Breach Today

ISO Quality Services Ltd are proud to specialise in the implementation and certification of the Internationally recognised ISO and BS EN Management Standards.

Do you want to get ahead of your competition? Win more tenders or save time and money on reoccurring issues? Contact us today on 0330 058 5551 or email info@isoqsltd.com.

Alternatively, you can request a quote by filling out our enquiry form and a member of our team will be in touch shortly.

Related Posts

10 Cyber Security Tips for Remote Working

23 Feb, 2021

Since the first lockdown, cyber security has been on the rise but why? Quite simply because remote working employees are easy targets and businesses are finding it difficult to manage everyone. So, what can organisations do to protect their cyber security?

What is the purpose of your support meeting?

22 Feb, 2021

Support meeting, internal review, bi-annual meeting – it all means the same thing. It is a non-certificate dependent check from us to ensure that you are on track with your management system.  Let’s face it, nobody wants to have a week of panic prior to their recertification audit to gather all the supporting evidence and worse still, fail an audit and not receive their certification at all!

Three Great Reasons to Nominate Someone In Our Good Egg Awards…

8 Feb, 2021

Recognise those who have gone above and beyond for your organisation during the pandemic in our Good Egg Awards…..

Managing Risk – The Essentials

26 Jan, 2021

We’ve teamed up with IIRSM to offer you a place on their live online risk management training.