Welcome to our Cyber Security News Aggregator.

Cyber Tzar provide a cyber security risk management platform, including automated penetration tests and risk assessments culminating in a "cyber risk score" out of 1,000, just like a credit score.

To pay or not to pay, that is the question: things to consider if you are a victim of a ransomware attack

published on 2024-05-22 14:46:41 UTC by josephross6
Content:


[Image: a florist's laptop showing a locked screen requesting a password; the florist has been subjected to a ransomware attack.]


What is ransomware?

Ransomware is a major digital threat facing our community. It is a cyber attack in which a criminal gets their software onto your device or network, where it encrypts all of your data and locks you out of your devices. This leaves you without access to your devices or your data and, critically, it releases your data to an unknown third party. The criminals then claim to have the decryption key that can release your devices and data, but they will only provide it if payment is made... hence the name ransomware.


Realising that you are the victim of a ransomware attack is a stressful situation for any organisation, but before you rush to the bank, there are a few things to consider...


Top Tips

  1. Assess the impact of the attack on your business.

    1. How can your business adapt to be able to operate while the attack is ongoing?

    2. What data has been compromised?

    3. Consider legal advice. Do you need to disclose the data leak to the Information Commissioner's Office (ICO)?

    4. What is the financial impact of not paying? Consider business disruption, security improvements, staff overtime, legal expenses, penalties.

    5. How are your staff affected? Stressful situations can affect your staff's mental health, so ensure welfare is continually considered throughout recovery.

  2. Be aware that paying does not guarantee access to your devices or data.

    1. Remember that you are dealing with criminals; there is no guarantee that they will hold up their end of the bargain.

    2. If they do supply a decryption key, it can take a long time to get the system back in order.

    3. Reverting to a previous backup may end up being more efficient.

    4. Paying criminals does not count as risk mitigation and the ICO does not consider this to reduce any penalty due.

  3. Report the incident to UK authorities.

    1. Use this link to find out which government organisation is best to report the incident to: https://gov.uk/report-cyber.

    2. Contact your local CRC (SWCRC) for support with signposting to NCSC advice and local trusted partners who can help you.


What can I do to prevent a ransomware attack?

  1. If you haven't already, action the SWCRC's beginner-level cyber resilience guidance (Join Our Community).

  2. Get Cyber Essentials (CE) certification. Consider Cyber Essentials Plus (CE+) which requires a physical audit of your cyber resilience.

  3. Check to see if your supply chain is CE or CE+ certified. Consider changing suppliers or recommending CE to them.


The NCSC have a full list of considerations which you can see here: https://www.ncsc.gov.uk/guidance/organisations-considering-payment-in-ransomware-incidents.

Article: To pay or not to pay, that is the question: things to consider if you are a victim of a ransomware attack - published 6 months ago.

https://www.swcrc.co.uk/post/to-pay-or-not-to-pay-that-is-the-question-things-to-consider-if-you-are-a-victim-of-a-ransomware-a   
Published: 2024 05 22 14:46:41
Received: 2024 05 22 14:47:24
Feed: The Cyber Resilience Centre for the South West
Source: National Cyber Resilience Centre Group
Category: News
Topic: Cyber Security