Ransomware infographic

Ransomware

Yesterday we looked at phishing and whaling, which is a method cybercriminals use to obtain money or information, and can also be a way to install malware or ransomware.

What is malware?

The National Cyber Security Centre states: “Malicious software, also known as 'malware', is software or web content that can harm your organisation, such as the recent WannaCry outbreak. The most well-known form of malware is viruses, which are self-copying programs that infect legitimate software.”

What is ransomware?

Ransomware is a type of malware that infects the computer system, demanding a payment to release the locked data or system. In 2017, the NHS suffered a large-scale ransomware attack known as ‘WannaCry’ in which staff were left unable to access patient data. Bitcoin was demanded to unlock the ransomware. Around 40 organisations were hit, resulting in the cancellation of 6,900 appointments, and a further 12,000 estimated to be affected. It is thought that the total cost to the NHS was £92million. According to the National Audit Office’s report, several NHS trusts did not act on critical advice to patch vulnerable software or migrate from old software. This meant that systems did not meet cyber security standards.

Remember:

  • Never pay the ransom demands. There is no guarantee that data or access to systems will be restored and victims who paid may be re-targeted.
  • Always install the latest software and app updates on all devices, and use ant-virus software wherever possible.
  • Beware of the warning signs of phishing; do not open attachments or click on links within any unsolicited emails you receive.
  • Back up your data and keep it stored in a secure network.

The International Cyberthreat Defence Report 2019 found that of those victimised by ransomware attacks, 44% didn’t pay the ransom but recovered their data, 28% paid the ransom and recovered the data, 18% paid the ransom but lost their data, and 11% did not pay the ransom but lost their data (figures rounded up so may not add to 100%).

Yesterday we looked at phishing and whaling and we’ll continue to cover other topics during the week. Follow our social media for more:

Sources

Sign up for the Veritau Alerts Click subscribe to receive the monthly bulletin