Ransomware is a growing global cyber security threat, and one which could affect any organisation that does not have appropriate defences. While ransomware against Windows operating systems has been commonplace for some years, attacks against Mac and Linux systems are also seen.
The methods for infecting systems with ransomware are similar to other types of malicious software, as are the steps organisations can take to protect themselves. Depending on your level of preparation, ransomware infection can cause minor irritation or wide-scale disruption.
What is ransomware?
There are two types of ransomware; the first type encrypts the files on a computer or network. The second type locks a user’s screen. Both types require users to make a payment (the ‘ransom’) to be able to use the computer normally again. The ransom is often demanded in a cryptocurrency such as Bitcoin.
In many cases, the ransom amount is quite modest. This is designed to make paying the ransom the quickest and cheapest way to return to normal use. However, there is no guarantee that the key or password (to ‘unlock’ the computer) will be provided upon payment of the ransom.
- Check to ensure you are on the latest version of software (Windows Update)
- Install system and application updates on all devices as soon as they become available.
- Install anti-virus software on all devices and keep it updated.
- Create regular backups of your important files to a device that isn’t left connected to your network (such as an external hard drive or memory stick) as any malware infection could spread to that too.
If you discover ransomware
- Turn off your infected computer and disconnect it from the network it is on
If you are the victim of ransomware, the National Crime Agency encourages industry and the public not to pay, report to the National Fraud and Cyber Crime Reporting Centre (Action Fraud) at www.actionfraud.police.uk.
For further information
The National Cyber Security Centre guidance is available on https://www.ncsc.gov.uk/guidance/ransomware-latest-ncsc-guidance
Europol’s ‘No More Ransomware’ project is available on https://www.nomoreransom.org/index.html
Follow the London Digital Security Centre on Twitter @LondonDSC for further information relating to this incident, and advice on how to stay protected from ransomware and other forms of cyber attacks.
*information sourced from National Cyber Security Centre