UK business lags behind in dealing with ransomware

Malwarebytes, the cyber-security company, has found that UK businesses are much worse at dealing with ransomware than businesses in many other countries.

Researching more than 1000 businesses in US, UK, France, Germany, Australia and Singapore it found that 20% of UK businesses felt they had no chance of preventing a malware attack, compared with a global average of 10.5%.

Not only that but UK businesses are more likely to opt to pay ransomware fees. More details of the research here.

Further research from Google reinforces the message that ransomware attacks are a lucrative market that have netted cyber thieves an estimated £19 million in the last two years.

“It’s become a very, very profitable market and is here to stay,” said Elie Bursztein from Google who, along with colleagues Kylie McRoberts and Luca Invernizzi, carried out the research.

It is worrying, therefore, that government research released this week (August 21, 2017) has found that more than two thirds of companies say their directors have no training in responding to cyber-attacks, according to a government survey and one in 10 of the 105 businesses in the FTSE 350 questioned said they had no plan to cope with hacking.

What is a ransomware attack and what to do about it?

The National Cyber Security Centre (NCSC) has some guidance on its website and also offers training to businesses.

It describes two main types of ransomware: “the first type encrypts the files on a computer or network. The second type locks a user’s screen. Both types require users to make a payment (the ‘ransom’) to be able to use the computer normally again.”

It says that users may be tricked into running legitimate-looking programs, which contain the ransomware, either via authentic-looking email attachments or links to apparently genuine websites (otherwise known as phishing). Alternatively, ransomware infections can be introduced via unpatched vulnerabilities in computers, as happened with WannaCry.

The NCSC recommends limiting data user privileges in businesses only to those who need access and also regularly re-evaluating permissions on shared networks and ensuring there are fully-tested back-up solutions and files in place.

Above all, make sure everyone in the business is trained in what to look out for and how to avoid making the business vulnerable to attack.