Until relatively recently, ransomware was probably not a major threat for most ordinary computer and internet users – infections were often picked up only by visiting less reputable websites in the darker corners of the worldwide web – but with high-profile attacks like that on the NHS, this has all changed.
The so-called ‘WannaCry’ attack encrypted files throughout the NHS’s internal network, demanding a payment using the virtual currency Bitcoin in order to obtain a decryption key code.
It was halted by pure fluke when a cyber-security expert noticed a website address in the malware’s code and registered the URL – unwittingly triggering the virus’s ‘stop’ command.
Several more ransomware attacks on major organisations have made headlines in the weeks since, including the GoldenEye attack that originated in Ukraine and was optimised to spread as quickly as possible, leaving systems unable to be decrypted even if the ransom was paid.
That last point is worth reading again – in some cases, even if you pay the ransom and receive a decryption key, you cannot recover your original files due to the sheer rate of spread of the attack, which may be triggered over and over again within your network once infected.
So what can you do to protect an office network against ransomware attacks? Like many software- related issues, keeping everything patched and up to date is a good first step, as security updates help to close some of the back doors malware can use to gain access to your network or to individual systems.
Employee education can help too – ensuring that members of your workforce do not blindly open email attachments on networked computers without knowing where they are from, and that you quarantine the system before putting it at risk of malware if you do decide to open an unknown document.
Sadly, these threats are on the increase and at some point in the future, you may be affected. Comcare can advise on more secure business networks, including perimeter firewalls to block unauthorised access, comprehensive antivirus software to detect and halt attacks, and IT support to install security patches immediately when they become available.
But it’s important also to consider the ramifications if you do fall victim to an attack – whether it is ransomware or any other kind of malware or virus that infects critical files – and by supporting your IT systems with regular remote backup that is shielded from the spread of malware, you can make sure you have a secondary, up-to- date archive to restore from in the worst cases.