If ever there was a flagship incident to demonstrate the power of ransomware, this is it. Ransomware, a particularly infamous form of cybercrime where business critical data is restricted until payment is made, has been in the headlines for all the wrong reasons.
This story is a little different. While ransomware can attack businesses both large and small, many criminals utilising the numerous viruses available target low hanging fruit: small business. It’s a simple numbers game, with many small companies having little to no cybersecurity in place. This tendency makes a volume approach attractive to cybercriminals.
A million dollars is, of course, slightly different from this approach. High profile attacks aren’t exactly uncommon, with the recent strike on the UK’s healthcare system with ransomware virus WannaCry drawing international attention.
Nayana, an established web hosting provider that located within the South Korea, was the victim of the attack. Believed to have occurred on June 10, weaknesses in the overall cybersecurity arrangements of the company made them a prime target for exploitation.
As is usually the case, the ransomware itself came in the form of a premade virus named Erebus. Able to target over four hundred file types, the sophisticated code easily penetrated the company’s assets. The attack spread through 153 Linux servers owned by the web hosting company, leaving owner Chil-Hong facing an absolute disruption to provision of service.
As is often the case, negotiations occurred. The criminals initially demanded a staggering 550 bitcoin payment; well in excess of the $1 Million dollars that Chil-Hong bargained the criminals down to. With the CEO already having liquidated assets, two instalments of the total are claimed to have been made.
Hoping to conclude the ‘deal’ as quickly as possible to restore his customers data, Chil-Hong quoted on Twitter that the ‘probability of recovering all the data will be higher’ once the last instalments are made.
This notion, while understandable, sets a dangerous precedent. As you might imagine, criminals don’t exactly obey the law, nor will they reliably honour a personal agreement. Many victims of ransomware attacks who have paid up find themselves subject to further demands. While it is common for modern ransomware to incorporate a payment system, there is no guarantee that any form of response will be even received should a payment be made.
Protecting your assets
Fortunately, it is not an exhaustive or costly process to protect your business assets from being exploited by cybercriminals. Ransomware works by restricting access to vital information and data that cannot be found elsewhere; this makes safeguarding simple.
Backups of all business-critical assets is a simple first step. This ensures that should you be targeted in an attack, you will be able to restore your documents to working order separate from the attack itself. With the need for payment removed, recovery can subsequently take place.
Employee awareness is also a practical measure. Many data leaks and cybersecurity issues, including susceptibility to ransomware, can be avoided by cascading information on security processes and information on attacks. With many attacks being caused by internal sources, mandating a greater level of awareness of the threats posed by ransomware and other cyberattacks can provide remarkable results.
Investment in professional support and software, however, remains a powerful measure in the fight against ransomware and cybercrime. Although the above measures can ensure an acceptable level of overall security, many businesses cannot afford to be remotely susceptible to an attack.
Just as modern ransomware has evolved and become more sophisticated, so has software that protects against it. A combination of investment in this software, combined with professional consultancy services such as a data and security audit, can ensure a level of protection that removes your business as a viable target in the digital world.