Ransomware deemed as the number one cyber threat for businesses in the UK

Written By Ross Francis

What is ransomware?

Ransomware is the process by which a cybercriminal utilises malware to gain access to and lock you out of your computer systems until a ransom is paid.

A single mistake, such as clicking a malicious link, is enough to unleash a ransomware attack. Other ways that the malware could infect your systems include downloading a malicious attachment, visiting malicious websites or as a result of unwanted add-ons during downloads.


Ransomware in 2021

This year, the NCSC announced in their National Cyber Strategy that ransomware had become the most significant cyber threat facing the UK in 2021.

Ransomware has become a global issue, for which (during 2021) Britain, the US and Australia agreed that there had been “sophisticated, high-impact ransomware incidents” that were originating from Soviet states.

The main targets of this surge in ransomware attacks seem to be universities and schools, charities, law firms, councils and the NHS. According to the head of the UK spy agency GCHQ, the number of ransomware attacks on British institutions had doubled over the past year. An example includes an attack on a supplier to the Labour party in November, causing Labour to lose access to some of its membership data.


Plans for UK’s The National Cyber Strategy

To mitigate the growing threat of ransomware in the UK, the NCSC compiled the following plan broken down into 5 pillars:




How can you prevent ransomware?

Install antivirus and keep it up to date: antivirus can detect known forms of ransomware (e.g. Locker, Crypto, Mac, Leakware) due to its ability to notify you when something is attempting to encrypt files out of nowhere or is making amendments to files. This should be part of a multi-layered security strategy.

Patching: updating your applications is necessary to fix system bugs and vulnerabilities. Failing to update leaves weaknesses in your infrastructure and opens it up to potential cyber-attacks.

Make regular backups: to ensure that, if your data is held ransom, you have a backup copy that you can recover.

Security awareness training: one of the most common ways of malware/ransomware infection is through phishing emails, which is why your employees are at the forefront of your ransomware defences and so should be one of your first focuses of security.

Filter email servers: using an email filter can scan for malicious code before they are opened. Additionally, email filters can scan for spam messages based on their wording or files that are typically associated with spam. Unlike spam, emails containing malware are typically more convincing than spam, so the ability to scan for malicious code is important.

Admin controls: ensure that only those who need permission to certain confidential files have access. Should malware infect an employee's computer, the malware will likely only have limited access to data. In addition, limiting your employees to dangerous online content by using web security tools can restrict them from accidentally downloading harmful content.

Cloud applications: with the average organisation using 1,000 applications, a flaw in just one of these could be an entry point for malware. Implementing a cloud security solution can scan for malware and respond quickly, in the same way as an email or web security tool.


Ransomware prevention with Vambrace

Sign up for your consultation to get set up with the right security for ransomware prevention.

Ross Francis
Previous

Thinking About Vulnerability Management
Next

Insider threats: can you trust your employees?