On 14 May 2021, Ireland’s Health Service Executive (HSE) suffered a major ransomware attack and was forced to shut down all its IT systems, nationwide. This sophisticated, financially-motivated attack – which has been called the most ‘significant’ cybercrime attempt against an Irish state agency1 – brought diagnostic services, COVID-19 testing and other critical activities to a halt. While progress has been made in restoring and rebooting systems, a significant disruption to everyday services is still ongoing.
This event highlights the fact that ransomware attacks are becoming more pervasive, sophisticated and destructive. While most organisations understand the need for a sound ransomware risk prevention programme, many are not sure where to begin.
The first step is understanding what your organisation is up against.
What is ransomware?
For those who may need a recap, ransomware is a form of malicious software (malware) that works by blocking access to a computer or mobile device and effectively holding an organisation’s systems and data hostage. Attackers demand a ransom in exchange for unblocking these systems; and often threaten to sell or leak data online if the ransom is not paid. This is one of the most dangerous types of malware today.
Who is at risk?
Anyone with a computer or device connected to the internet is at risk from a ransomware attack, including healthcare systems and law enforcement agencies. Given the prevalent nature of ransomware attacks today and the fact that this threat continues to evolve, it is important for businesses to make sure they have a best practice ransomware risk management strategy in place.
Here are five steps your organisation can take to mitigate the risk of ransomware attacks and other cybercrimes:
-
Educate employees:
Human error is a key cause of cyber security breaches. The best way to reduce this risk, is to ensure all employees receive regular cyber-security awareness training, along with testing so you can identify any knowledge gaps or areas that require more attention.
-
Keep technology up to date:
As most malware attacks exploit vulnerabilities in outdated operating systems and applications, be sure to keep all your software and operating systems up-to-date by applying patches and security updates when they are made available and carrying out a review of your systems to make sure that you are using the most up to date version of software.
-
Treat unsolicited emails with caution:
Don’t click on links or attachments from unsolicited emails. Double check senders’ details and make sure the email address matches the contact’s name and name in the body of the email, where relevant. Make sure that your training covers this so that all your employees understand how important this is also.
-
Scan for threats:
If you have antivirus software that works to detect malware and anomalies on your devices and network in real-time, you will be able to react swiftly as soon as anything suspicious occurs.
-
Keep a back-up:
Back up your data regularly to an external drive. Although this won’t prevent a malware attack, it will ensure you have access to your mission-critical data should one ever occur.
Ransomware attacks can have disastrous effects on a business or organisation. Although some victims will be very tempted to pay the ransom, there is no guarantee that the files will ever be retrieved. We advise that ransoms should never be paid, as this will only serve to incite and embolden the criminals to continue their malicious activities. It is therefore critical for businesses to remain vigilant and to invest time and money into ensuring safe practices online.
1 “Cyberattack ‘most significant on Irish state'”. BBC News. 15 May 2021. Retrieved 01 June 2021.