Ransomware is malicious software which blocks access to a computer system, sometimes with a threat to publish data, until a ransom is paid.
Written by María Isidro, Chief Community Officer, 1600 Cyber
Cyber criminals always take advantage of crises, and the Covid-19 pandemic has been no different. They have used companies’ transition to remote working to find gaps and vulnerabilities, and have exploited employees’ lack of awareness and of good security practices to gain access to companies’ systems.
In this landscape, Ransomware has become one of the most frequent types of cyber-attack, and definitely one of the most harmful: the number of cases globally increased by 20% in the first half of 2020, representing a cost of $20 billion, with an average cost of $4 million per attack. In the UK, Ransomware is costing companies £346 million per year.
121.2 million attacks were recorded up to July 2020, with 79.9 million of these in the US and 5.9 million in the UK.
Ransomware groups have even been providing RaaS (Ransomware-as-a-Service) to gangs, becoming a great threat to businesses of every industry across the globe. Ransoms paid to these criminal gangs end up funding other forms of organised crime. This is one of the reasons why companies are encouraged to strengthen their prevention and preparedness strategies to avoid being hit by Ransomware and, when hit, to respond rapidly with a proper cyber infrastructure, processes and team in place. Restoring systems from previous backups is more efficient and a better practice than paying the ransoms.
Ransomware attacks in the last couple of years include:
Travelex – Attacked by the REvil Ransomware gang (Sodinokibi) on New Year’s Eve in 2019. The hackers claimed to have downloaded 5GB of sensitive customer data.
Result: The company had to take down its websites in 30 countries for two weeks, and paid a $2.3 million ransom in bitcoin.
This Ransomware attack, in combination with the crisis derived from the Covid-19 pandemic which hit right after the attack, caused the company to go into administration, which meant the loss of 1,300 jobs.
Orange – The French telecom company and fourth largest mobile operator in Europe suffered a Ransomware attack (Nefilim Ransomware) in July 2020, giving hackers access to the data of twenty Orange Pro/SME customers.
Manchester United Football Club – Hit by a Ransomware attack in November 2020. Following an alert from NCSC to Football Clubs issued last year, the club strengthened its protocols and procedures, and rehearsed extensively to mitigate cyber risk. This investment and these practices seem to have resulted in early detection and response, with no disruption to the club's website, mobile app, etc.
Garmin – The fitness brand suffered a Ransomware attack in 2020 (WastedLocker Ransomware), and experienced a global outage. They paid several million US dollars.
How can you prevent being a target of Ransomware groups?
Ransomware attacks can be prevented by creating a cyber awareness culture in your organisation; this can be achieved by training your employees and building a cyber awareness programme that your leadership team follows and champions. Most Ransomware attacks start with an employee clicking on a malicious link or downloading a malicious attachment from a phishing email, which can be prevented with training and constant awareness.
Boards need to make Ransomware a top priority, not just from a financial perspective, but also because it is their duty to protect their stakeholders’ data. Every organisation is a target, so they need to make sure their people, processes and technology are cyber ready before it’s too late.
Get proper training for your board, your employees and your IT teams, so you are aware of the latest threats; make sure you have the proper systems, processes and controls in place; and make sure your business strategy is cyber resilient.