sb-as logo
Story image

Ransomware-hit businesses have bigger problems than they realise, expert says

Businesses that have been hit by a ransomware attack have bigger problems than they realise, according to Palo Alto Networks, who says they must consider an entire security audit.

A full audit will help organisations avoid jeopardizing their businesses, the security firm says.

Ransomware is a cyberattack that encrypts business information so that users can’t access the files, effectively locking the business out of its own systems and data. The attackers then demand a fee to unencrypt the data, returning the systems to normal. 

“Quite often when an organisation is hit by a successful ransomware attack, business leaders think if they pay the money that will be the end of the story,” explains Gavin Coulthard, systems engineer, Palo Alto Networks. “In fact, it’s quite the opposite,” he states.

“If cyberattackers got through your defences in the first place, chances are you have bigger problems with your security competencies,” Coulthard says.

“Then, if you pay the ransom, you identify yourself as a business that’s willing to pay and it’s highly likely the attacker will keep coming back for more,” he explains.

“It’s also important to remember that once your data is taken, the attackers can do what they like with it, including selling it or using it to fuel subsequent attacks on you and your customers. Your data can appear all over the internet for other cybercriminals to use or for your competitors to see,” adds Coulthard.

Palo Alto Networks recommends the following five tips if you are hit with a ransomware attack:  1) Have back-ups of everything: if you are targeted, it’s important that you’re not reliant on the information being held.    2) Communicate the risks with staff: make sure ransomware attacks aren’t successful by making your team aware of ransomware and instructing them to avoid clicking on unknown links or emails, which could generate an attack.  3) Audit your security: if you are attacked, you should complete a full security audit to ensure there are no further risks or malware lurking in your systems.    4) Be aware of specific times of year: Christmas and tax time are considered high-risk times for businesses to suffer a ransomware attack. During a time when lots of online transactions are happening, and people may be less wary of emails from people they don’t know, attackers can socially-engineer recipients to click on attachments or links to trigger an attack.    5) Don’t pay: if you are attacked, do not pay the money. This only entices the cybercriminals to repeat the attack, since they now know you are willing to pay, which will create bigger problems for you. Instead, ensure you have adequate backups so you can live without the encrypted data and conduct an immediate security audit.  “Businesses must understand that a ransomware attack is the canary in the coalmine: it’s a warning sign that your security is not up to scratch,” says Coulthard.

“It’s important to react quickly and calmly to ensure another attack doesn’t occur. Simply paying the ransom will not be the end of the attack, so revert to backed-up information and tighten your security immediately.” 

Story image
Report: 151% increase in DDoS attacks compared to 2019
It comes as the security risk profile for organisations around the world increased in large part thanks to the COVID-19 pandemic, forcing greater reliance on cloud technology and thrusting digital laggards into quick and unsecured migrations.More
Story image
SMBs seeking service providers in face of rising cyber threats
SMBs are struggling with their cybersecurity solutions, with three quarters worried about being the target of a cyberattack in the next six months, and 91% considering using or switching to a new IT service provider if offered a better option.More
Story image
The guide to digital security in unstable times
An increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents. One of the most effective ways to combat the perils of today’s cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations. More
Story image
APAC organisations struggle to find balance between digital adoption and cybersecurity
Organisations in the Asia Pacific (APAC) region are significantly concerned about security threats, but nevertheless are looking to advance operations through digital adoption.More
Story image
Jamf extends Microsoft collaboration with iOS Device Compliance
Organisations will soon be able to use Jamf for Apple ecosystem management while using Azure Active Directory and Microsoft Endpoint manager to maintain conditional access.More
Story image
CrowdStrike integrates with ServiceNow program to bolster incident response
As part of the move, users can now integrate device data from the CrowdStrike Falcon platform into their incident response process, allowing for the improvement of both the security and IT operation outcomes.More