In the 2022 Cyber Security Breaches Survey, it was identified that of the 39% of businesses that identified a cyber-attack, 21% suffered a malware, denial of service, or ransomware attack. A ransomware attack is a type of malicious software designed to block access to a computer system until a sum of money is paid.

If your business fell victim to a ransomware attack, the cybercriminals behind it will threaten to publish your company’s data or perpetually block access to it unless a ransom is paid. If a ransom fee is paid, there is no guarantee that data will ever be returned to you. This information is valuable as the criminals behind the attack can publicly post the data or sell it on cybercriminal forums and dark web marketplaces for additional revenue.

How does ransomware work?

1. Access - Attackers gain access to your network. They establish control and plant malicious encryption software. They may also take copies of your data and threaten to leak it.
2. Activation - The malware is activated, locking devices and causing the data across the network to be encrypted, meaning you can no longer access it.
3. Ransom demand - Usually, you will then receive an on-screen notification from the cybercriminal, explaining the ransom and how to make the payment to unlock your computer or regain access to your data.

It is important to try and establish how the attackers gained access to your network in the first place so you can prevent future ransomware attacks.

How can I protect my business or charity from a ransomware attack?

• Always back up your data, as restoring your files from a backup is the quickest way to regain access to your data.
• Never click on unverified links, especially when they are from sources or senders that you don’t recognise.
• Regularly scan your emails and systems for malware
• Only download files from trusted sites
• Use a VPN when using public Wi-Fi.
• Do not use unfamiliar USB devices.

Download and print our new infographic - 6 steps to help prevent a ransomware attack and display this in your workplace, email to your employees or include in your newsletter.

How a business or charity responds and recovers from a ransomware attack will hugely affect the impact of the attack. The National Cyber Security Centre has a number of resources designed to help respond and recover, we recommend you take a look at the following:

• How to recover an infected device – Advice for those concerned if a device has been infected https://www.ncsc.gov.uk/guidance/hacked-device-action-to-take
• Recovering a hacked account – A step-by-step guide to recovering online accounts https://www.ncsc.gov.uk/guidance/recovering-a-hacked-account
• Backing up your data – How to make sure you can recover your important photos, documents and other personal data https://www.ncsc.gov.uk/collection/top-tips-for-staying-secure-online/always-back-up-your-most-important-data

How can The Cyber Resilience Centre for the South East help my business?

To help outsmart cyber criminals and toughen up their cyber security, the Cyber Resilience Centre for the South East (SECRC), has been established to provide businesses and organisations, with an affordable way to access cyber security services and consultancy to help improve cyber resilience.

Businesses and charities in the South East can sign up for free Core Membership online and receive a welcome pack full of practical resources and tools that will help you identify your risks and vulnerabilities and the steps you can take to increase your levels of protection. Through your membership, you will also get regular updates on new threats, designed to help you stay safer.

Sign up via http://www.secrc.co.uk/membership