You have likely seen the news that Ransomware is ‘the most immediate danger to UK businesses’, warns cyber chief | Science & Tech News | Sky News.
Chris Ross, SVP, International, Barracuda Networks comments:
“It’s right for the NCSC to identify ransomware as the biggest threat facing UK business, these attacks have the potential to completely paralyse any organisation, hijacking critical data and forcing many to handover large sums of money to break free.
The days of businesses hoping for the best and assuming they won’t fall victim to a ransomware attack are well and truly over, and urgent action needs to be taken to prevent such threats and ensure the necessary backup support is in place to protect compromised data.
Our recent study of 100 IT decision-makers revealed that ransomware attacks are extremely prevalent. In fact almost two-thirds of respondents (70%) admitted they had fallen victim to a network attack in the last 12 months, while two-thirds (65%) suffered a ransomware attack.
Torsten George, Cybersecurity Evangelist, Absolute Software, comments:
“Ransomware is without doubt the biggest threat facing UK businesses and remains a frighteningly effective tool for leaving organisations of all sizes completely at the mercy of cyber criminals. The risks have dramatically increased with the rise of remote working, with millions of people mixing home and work devices to answer emails and share company data, making it easier for employees to fall victim to scam emails which contain hostile threats.
In recent attacks criminals have even started exploiting smart phone vulnerabilities to penetrate corporate networks. Recently, a new trend has emerged whereby ransomware attackers not only encrypt an organisation’s systems, but also exfiltrate data and threaten to release it publicly if the ransom is not paid.
Besides applying fundamental measures to minimise exposure to ransomware attacks like implementing cybersecurity training, regularly updating anti-malware tools, and backing up data frequently, organisations must pay special attention to the state of their endpoints. Endpoint devices are often the launchpad from which ransomware spreads across the network. Therefore, it’s vital to have the necessary systems in place to maintain full visibility and control over your device fleet to assure that you can survive inevitable attacks and continue to do business even under attack. This encompasses the ability to ensure that endpoint security controls are always healthy and functioning as intended to keep threat actors locked out.”
Tim Sadler, CEO at Tessian said:
“All too often these ransomware attacks start with a phishing email. Why? Because cybercriminals are exploiting a major vulnerability in organisations’ security – employees on email.
“These phishing attacks are advanced, and carefully designed to trick employees into clicking links, downloading malicious attachments or entering their account credentials which enable a cybercriminal to move laterally across the business. By posing as a trusted party on email or applying a sense of urgency to the messages, attackers can manipulate targets into complying with their requests. And they just need one employee to fall for it.
“So, stop phishing attacks, and you significantly reduce the risk of ransomware attacks in organizations. Businesses that arm their employees with the tools and knowledge to spot phishing attacks will be less vulnerable to this growing danger.”