What is ransomware?
Ransomware is a particular type of malware that encrypts folders and files, rendering them inaccessible. Criminals then demand a ransom in return for the decryption keys and even an additional fee to prevent public release of the stolen data.
In fact, this is one of the most frequent and damaging forms of malware in Australia and globally. It disrupts operations, can be costly to repair or mitigate and can cause reputational damage to organisations.
These cybercriminals are often part of complex enterprises employing large numbers of people. They may have websites that advertise their successful compromises. These websites can also publish data stolen from victims.
Some even have customer service teams to assist victims with paying in untraceable cryptocurrency such as Bitcoin!
The criminals adopt guerrilla tactics including increasing the ransom price after a specific time period; offering to decrypt a portion of the encrypted network for a reduced price; targeting vulnerable sectors such as healthcare and threatening to release stolen information when a ransom is refused.
Who can be held to ransom?
Anyone that stores information digitally is vulnerable and includes individuals as well as organisations. The key is the value of the information to the victim.
Cybercriminals usually target large organisations. Their belief is that they’re more likely to pay the large ransoms demanded.
The healthcare sector has been a target of attacks during the 2019/2020 financial year. State and Territory Governments and the education and research sectors also received demands.
How can I protect my organisation?
Unfortunately, there’s no single method to protect against threats. The Australian Cyber Security Centre (ACSC) has published the Strategies to Mitigate Cyber Security Incidents which outlines the Essential Eight mitigation strategies.
- restricting administrative privileges
- patching operating systems
- using multi-factor authentication (layman’s terms – 2 forms of login password and a key)
- configuring Microsoft Office macro settings
- snapshot backups that can roll back to just before a hack or attack
What should I do if I receive a ransom demand?
Don’t pay it! Australian Government cybersecurity experts advise not to pay the ransom. There’s no guarantee that the criminals will decrypt the files. And in fact, wiper malware (where files are permanently modified or deleted) can be used in conjunction with ransomware. So your files will disappear in any case.
Sometimes the link provided to the victim directing them to payment information can install further malware onto their system or network. By indicating their willingness to pay once and give into criminal demands, organisations open themselves to further attacks.
Report it.Cybercrime incidents should be reported to ReportCyber which is an Australian Government online portal. This is for individuals and businesses to report a variety of computer crimes, including ransomware.
Seek help. If you’ve been a victim of a ransomware attack, engage a cyber security provider to support your remediation efforts. Your provider should also review your network for security vulnerabilities to prevent future attacks from occurring.
At AUP IT, we can help you with innovative cybersecurity solutions to support your security efforts.
If you would like to have a confidential discussion about your cybersecurity and data security needs, contact us on 1300 489 997 or email firstname.lastname@example.org.
Late last year, reports started circulating about people in China becoming infected with pneumonia. Officials said they were monitoring to prevent it being spread and developing into something more severe. When we were all clinking glasses on New Year’s Eve 2019,...
It wasn’t all that long ago that backing up files meant adding another blank page and sheet of carbon paper before you started typing. That extra copy would be added to the filing cabinet and voila! Backup done. Carbon paper has now gone the way of the Walkman and...
Have you wondered what a CIO could do for your business? After all, you have your business plans in place, and you’ve chosen your staff wisely. You’ve invested in plant and stock. You’ve spent time and money developing a quality system and you’re implementing your...