In a strange quirk of history, the first-ever ransomware attack, 35 years ago, was related to a virus that spread across the world.
In 1989 AIDS researcher, Joseph Popp PhD, distributed 20,000 floppy disks to attendees of the World Health Organisation’s AIDS conference saying the disks contained a computer-based questionnaire to gauge the risk of contracting AIDS. The disks were in fact infected with malware that became known as AIDS Trojan Horse or PC Cyborg Trojan. (Source - Palo Alto Networks). The malware was only activated after the computer was turned on 90 times, displaying a ransom note on the screen demanding between $189 and $378 for a "software lease".
What is ransomware?
It’s a type of malicious software that blocks access to systems and devices that store a business or organisation’s critical data. The files are encrypted, and ransom payment demands will be made in exchange for the release of the information and restoration of access.
The recent growth in the number of ransomware attacks means organisations need to be more vigilant than ever. Ransomware is often delivered in the same way as many other types of malicious software. For more information on how to defend against this type of attack The National Cyber Security Centre (NSCS) provides the following guidance – ‘
Mitigating malware and ransomware attacks’.
To pay or not to pay ransom demands?
The Cyber Security Breaches Survey 2024 says almost half of businesses (48%) and 37% of charities have a rule or policy to not pay ransomware payments, which is lower than last year (businesses - 57% and charities - 43%). A high level of uncertainty remains among organisations on this topic, with 20% of respondents and 23% of charities saying they do not know what their policy on this is.
The NCSC has produced ‘
A guide to ransomware’ to help with decision making when it comes to paying a ransom and the recommendation is *spoiler alert* not to pay. We encourage you to gain an understanding of why.
Whatever your stance on this divisive topic is, we have put together some suggestions of how you can increase your protection against the threat of online crime.
- Train employees to identify malicious email attachments and the dangers of downloading from disreputable sources.
- Encourage staff to report problems as soon as they occur, without fear of sanctions.
- Use layers of defence to give more opportunities to detect malware.
- Assume that malware will infiltrate and take steps to limit the impact and plan your response.
- Make regular backups and ensure you have up-to-date backups of important files; so it’s possible to recover data without having to pay a ransom.
- Test your backups to make sure that the files can be restored.
- Make sure the backup capability (external hard drive, USB stick or in a cloud service designed for this purpose.) is not permanently connected to your network or device.
- Cloud syncing services (Dropbox, OneDrive, SharePoint, or Google Drive) should not be the only backup. They may automatically synchronise the infected file.
- Prevent malware being delivered to devices and reduce the likelihood of malicious content through the firewall and block websites that are known to be malicious. Public sector organisations are encouraged to subscribe to the NCSC Protective DNS service; this will prevent users from reaching known malicious sites.
- Prevent malware from running on devices, keep all devices well-configured and up to date and install security updates as soon as they become available. Enable automatic updates, use the latest versions of operating systems and applications to take advantage of the latest security features
- Another consideration is to become a Police CyberAlarm (PCA) member. PCA is a free tool designed to work alongside your current network security devices and further analyse any suspicious data coming through to your systems from internet sources. When you become part of the community you will automatically increase the strength of your cyber posture. Membership includes regular security updates and reports to help you gain a better understanding of current threats and more. Register your interest today!