Ransomware attacks in Ireland have increased exponentially, a recent report indicating that a whopping 95% of small to medium sized Irish businesses experienced a cyber-attack in the past year. The threat actors responsible for ransomware attacks are becoming more advanced every day. This upward trend is going to continue to grow.
If your business has had the unfortunate experience of falling victim to one of these attacks, then you know the harsh reality of cyber-threats. If you have not had the experience of being targeted YET, then we would like to describe to you how the chain of events unfold.
The two most likely attacks to hit a small to medium sized business are Phishing and Ransomware respectively. Please note that these attacks can often be chained together so a phishing attack will often lead to a ransomware attack.
Here is a very common chain of events as seen by from the perspective of the victim:
An unsuspecting email may arrive containing an attachment or a link to ransomware posing as a common email with no suggestion of malicious intent. The employee unaware of the signals to identify a malicious email, clicks on the attachment or link.
In the background of the computer used by the employee, this is what happens…
The ransomware executes on the system. It will most likely encrypt all data within its range, it will erase and steal files, it will block access to systems and networks and then attempt to move laterally to spread to every other connected computer, system and network. This will appear to happen instantaneously.
As seen through the eyes of the employee…
A ransom note will display on the victim’s monitor. The note will contain instructions for the victim to follow in order to gain access to their data or device ever again. The instructions will direct the victim to download Tor browser (Tor browser is often used by criminals to access the dark web). And a link to input into the Tor browser. Once the link is entered a web page will be displayed containing information regarding the type of data that was stolen, the ransom amount, how the ransom should be paid (often in bitcoin) and the payment deadline. The threat usually contains a statement such as “If the deadline is not met the data will be published online”.
We have observed that some companies make the naive decision to not invest in an adequate security strategy and they opt to back up their files with the intention to rely on the backups as an alternative to paying the ransom. Unfortunately, this option can have a result that is just as financially crippling.
The General Data Protection Regulation (GDPR) legislation was created with the best intentions for the privacy and safety of European consumers’ personal data. However, GDPR states that a breach caused by inadequate IT security could result in the victimised company being held accountable and being forced to pay large fines.
The most financially efficient option by far is to invest in a cyber security strategy and avoid these events altogether. Every business owner needs to be conscious of these potentially devastating events. You can act now by contacting us, Secure Target. We can set out a road map to suit your needs and budget to give you piece of mind.
A customer recently contacted us asking what we can do for them to prevent such an attack. After a few short questions regarding their IT setup, we customised a plan unique for them. Here is a mention of just a few of the steps in the plan we outlined for that specific company:
1. Breach detection scans on all endpoint devices on their network.
2. Aquire an endpoint management and detection system to constantly monitor the devices for unusual activity.
3. Use a discovery tool to seek out sensitive data, classify it and move it to a secure location.
4. Use a cyber-risk tool to assess the overall security profile benchmarked against similar organisations.
5. Deploy an automated cyber hack simulator.
Please contact us today to get your plan in motion before it’s too late.