Ransomware – the facts
Ransomware is a malware virus that locks down computer systems and networks in return for a fee.
Non-payment can lead to a complete loss of information, but there’s no guarantee paying works either. Historically, recovery from similar attacks have not always been met where payment was made. Therefore, you should never pay a ransomware attacker but seek expert advice if you should ever become infected. Law enforcement and cyber security experts suggest that paying only funds further attacks. Infosecurity, a leading magazine on cyber security, has also published findings that show a link between ransomware and CEO fraud, a highly targeted phishing or whaling attack.
The National Cyber Security Centre (NCSC) recently stressed the importance of backup and disaster recovery, stating that if you have copies of your data elsewhere, then you cannot be held to ransom. Visit the full NCSC guidance on ransomware here, and our approach to backup as part of your wider cyber security strategy in our recent blog below:
Also known as WanaCrypt0r 2.0, WannaCry is the strain of ransomware that hit major firms including NHS England, Fedex, and Renault, as well as Spanish Telecoms provider, Telefonica. Overall, around half a million companies worldwide were hit by this attack.
WannaCry Ransomware Map
The ransom demanded $300 in Bitcoin to restore access to files. This digital currency is incredibly difficult, if not practically impossible to trace. This makes tracking the criminals behind these attacks especially hard.
Despite WannaCrypt’s profound effect, reports suggest this ransomware reaped less revenue for attackers than might be expected. This is welcome news for authorities trying to tackle the problem, but for many it wasn’t just the money at stake.
For NHS England, the consequences were extremely severe. Medical records stored digitally were unavailable for a number of days, and email and IP telephony went down across many trusts. Multi-national car manufacturer, Renault also had to halt production in a number of its European factories.
Read more about the major impact on the NHS in our earlier blog below:
Our clients – in safe hands
At Air-IT, we’re continually looking for ways to protect our clients from threats, including ransomware.
This enables us to pick up and block thousands of known ransomware strains. Should any attempt be made on our clients, this bespoke tool will automatically detect and block the spread of infection to any connected servers. This will minimise disruption and data loss, and makes it much quicker and easier for us to recover your systems.
Our service desk will be alerted to take further action, and once identified, the ransomware type will be archived to our directory. This effectively eliminates any further risk from this threat, and benefits all our clients in future.
This is just one of the ways we protect our customers from the ever-evolving threat landscape. With our award-winning backup and disaster recovery solutions, we’ll ensure your data can never be held to a ransom or lost.