Ransomware Attack: A company paid millions to decrypt their data. Then the hackers came back again!

ransomware

A cautionary tale for all UK businesses is detailed by the UK’s National Cyber Security Centre (NCSC) in a blog post about the rise of ransomware. The company in question fell victim to a ransomware attack and paid cyber criminals £6.5million for the decryption key to restore their network They were then targeted by the exact same ransomware gang under two weeks later after failing to examine why the attack was able to happen in the first place. They had paid the first ransom, sat back, and then relaxed. Big mistake!

The vulnerability was left open and was immediately exploited again by cyber criminals who have no emotion or sense of fairness when it comes to their victims. This is business to them, and nothing more.

That is why firms shouldn’t just take the “it will never happen to me” approach to cyber security. If you haven’t brought in a good Managed Security Service Provider (MSSP) to fully protect your systems you obviously increase the risk of cyber attack. With 65,000 cyber attacks on UK businesses every day, your attitude must be that IT WILL HAPPEN, so get advice today! And if you do find yourself under attack it’s not enough to just pay a ransom or whatever demands the cyber criminal make and then do nothing else. Speak to a reputable MSSP like Labyrinth Technology to find out WHY and HOW the cyber attack occurred to make sure your business learns from the experience and is protected in the future!

The best way to avoid any of this is, of course to secure your network against cyber attacks in the first place. Simple things like using multi-factor authentication and making sure operating systems and security patches are upgraded regularly and up to date. Also make sure that you regularly backup your networks so that in the event of a successful ransomware attack your data can be restored with the least disruption possible. But while some of these things can be done “DIY”, it all needs to be part of a Unified Threat Management (UTM) approach.

unified Threat Management

What is UTM? Well, put simply it is all of the things you need for cyber security in a single strategic package, such as;

– initial Cyber Security Consulting: to determine the risk opportunity (for criminals), appetite (for you) and therefore options available. If you don’t know your weaknesses and vulnerabilities, they cannot be addressed!
Security Awareness Tools: the process of increasing awareness within management and staff of what cyber crime is and how it works, so as to minimise the “human error” factor. Do your staff have adequate knowledge of phishing and business email compromise attacks for instance?
– Focussed Email and Network Security: looking at specific “tools for the job”, such as encryption, firewalls and mobile device management.
– An ongoing Managed Security Service: making sure that everything continues to provide what you want – Cyber security!

special offer

If you would like to have a discussion on how Labyrinth Technology can help your business in the fight against cybercrime, and find out about our special offer on our Security Awareness Tools, contact us now.

Leave a Reply