Dell EMC has declared ransomware the greatest threat to Irish businesses’ cybersecurity.
“The crucial difference between ransomware and conventional malware is that it’s impossible to ignore,” said Gerry Murray, Country Manager, Dell EMC Ireland.
“Global organisations and governments view ransomware as their number one security concern. Any private network can be compromised and effectively destroyed by an attack on just one individual’s unsecured device, like a smartphone or laptop. No organisation is immune; breaches have impacted everyone from SMEs to global technology companies to public healthcare providers.”
Ransomware is a new and particularly sinister breed of malware that encrypts a user’s or organisation’s files, making them unusable until a ransom is paid to a cybercriminal gang. Even once the ransom is paid (which is usually at least several hundred euros, but can reach tens of thousands), there is no guarantee that the user will get their files back.
“Conventional malware can hack into computers and steal or disrupt data without the user ever knowing. Ransomware is essentially overt extortion. It is the modern day highwayman, but without the charitable intention. Data is held at digital gunpoint and either scrambled or destroyed forever if money isn’t paid. That can have devastating consequences not only for businesses, but for schools, hospitals and governments,” said Mr Murray.
A recent survey by Irish company Data Solutions found that a fifth of Irish businesses had fallen victim to ransomware. According to the FBI, cybercriminals extorted $209 million in the first three months of 2016—the figure could climb to a billion by the end of the year.
Worryingly, this figure only represents the total reported ransom payments. The real sum could be much higher, and the total cost of recovery for business is certainly significantly more.
Mr Murray says that avoiding ransomware—and malware in general—depends on user vigilance and appropriate security software.
“Generally speaking, ransomware is activated in the same way as any other malware: users are duped into opening an email attachment or following a suspicious link. To ensure you’re not caught out, it’s important that you delete any suspicious emails and never download an attachment or follow a URL link if you’re not expecting one from a trusted sender. Indeed, ensure the validity of the sender’s email address—don’t just rely on the descriptive name.
“Businesses should treat ransomware as a matter of ‘when’, not ‘if’. They need a contingency plan that allows them to recover quickly and with minimal disruption. That pivots on best practice, like security protocol, intelligent security software and frequent data backup.
“Up-to-date security software can quickly remove ransomware before it does damage—and that’s crucial, as ransomware can take as little as three minutes from infection to encryption. But, traditional anti-virus software, like a firewall, has its limits. Intelligence-driven security solutions actively counter attacks in real time before they’ve taken hold.
“The most effective weapon in your arsenal is data back-up. If your data is automatically backed up on a regular basis—in the case of businesses, over a period of hours, not days or weeks—the effect of a ransomware attack will be minimal. The data in its compromised state can be sacrificed and the older, uninfected data restored without ever needing to interact with the extorters.”
According to figures from cybersecurity company RSA, a Dell Technologies company, in Q2 2016, phishing, another type of cybercrime whereby fraudsters attempt to obtain passwords and other sensitive information using social engineering and malware, was up 115% on the previous quarter and a startling 308% on the same quarter in 2015. A total of 516,702 attacks were recorded globally.
Mr Murray said: “Phishing attempts may be hidden in convincing-looking emails from banks or insurers, so if you’re suspicious, delete, or call the business in question. Remember that your bank will never ask you for your private information by email.
“If you’re buying online, make sure you shop with a trusted retailer. At the payment screen, look out for a padlock or shield icon in your browser’s address bar; these indicate that your connection is secure. Often even a poorly designed website can be a sign of a hastily put together scam. When in doubt, Google the retailer and look for other customer reviews.
“If you think you may have had your details phished, you should change your passwords immediately and log out of all active sessions. Get into the habit of changing your password every six months and use a combination of random cases, numbers and symbols. It’s also very important that you update your programs when prompted—these updates often fix holes in security that can be exploited by hackers.”