Ransomware is one of the highest profile cyber-attack because of the high impact that it has in terms of disruption (you can’t access your files), the risk of data theft (bye bye reputation) and the cost to recover.

A recent study by CyberEdge found the 73 percent% of UK organizations dealt with a ransomware attack, a 15 percent rise on the previous year and makes this attack one that all companies need to be aware of and guard against.

How does an attack occur?

Ransomware is malicious software which means that it needs to be installed on to your system, so to understand how ransomware attacks occur, then you also need to understand how this installation could take place.

There are four main ways that criminals will attempt to get the malware on to a system:

1. Email phishing – criminals will send an email with a malicious attachments or links which will then install malware once you click.
2. RDP Brute force attack – criminals figure out RDP passwords using a technique called “brute force guessing,” which is as basic as it sounds. They simply use a computer program that will try a password and see if it works.
3. Access bought on marketplaces – criminals sell credentials (usernames and passwords) to others to enable access to systems.
4. Direct exploit of network edge - the network edge refers to the area where a device or local network interfaces with the internet. The devices include firewalls, routers, switches and can also include the Internet of Things. Criminals can exploit vulnerabilities found in these to get onto the system.

Phishing and RDP attacks are the most common.

What can we do to?

• Join our community and we can support you getting your company into a position where you are confident your company can defend against or recover from an attack.
• Train your staff so they can identify a phish and know what they do if they fall victim to one. We can help with this. We have affordable Security Awareness Training. Why not find out more?
• Have a clear password policy and enforce 2FA wherever you can.
• Don’t let users run with admin level permissions – this should stop malware being to install automatically.
• Ensure you have offline backups and periodically check that they can be restored.
• Create contingencies plans and practice with Exercise in a Box Toolkit, which provides a ‘dummy run’ of a cyber-attack.
• Obtain Cyber Essentials - by completing this standard you could mitigate up to 90% of common cyber attacks.

Further guidance and support

The Eastern Cyber Resilience Centre is a not-for-profit organisation, run by policing, with the intention of increasing cyber resilience of SMEs and third sector organisations within the East of England.

Our members can benefit from a range of services, from helping you improve your cyber resilience through our “little steps” programme to being notified about the threats relevant to you.

Why not join our community today?

It’s completely free, with no strings or sales pitches attached.

Policing led – business focused.