Secure your business

When your data is held captive: Dealing with ransomware

One of the fastest growing cyber security challenges isn’t that your data will be stolen or destroyed, but that it will be locked away and held to ransom. How much is your data worth, and would you pay to get it back?

When your data is held captive: Dealing with ransomware

You arrive at work and turn your computer on, ready to close a huge deal. Instead of the familiar log-in message, you see a countdown timer and a simple message – your data files are encrypted.

If you don’t pay US$300 by the time the clock runs out, you’ll lose your data forever. You check your email on your smartphone and discover the entire executive team is being held to ransom after someone opened an infected file attachment.

Ransomware is malicious software that encrypts the data on your computers. The only way to recover the data is to break the encryption (typically a difficult and time-consuming course of action); recover from a backup that has not been infected; or to pay a ransom to the hacker that encrypted the data – and even if you pay there are no guarantees you will get your data back.

Australian companies and private citizens are significant targets. According to statistics from Websense ThreatSeeker, published in the Telstra Cyber Security Report 2016, 60 percent of 1.05 million instances of CryptoLocker (a very common type of ransomware) attacks were detected in Australia. This is because Australia is perceived as a relatively wealthy country with the capacity to pay.

Telstra’s Cyber Security Report also highlighted the fact that Australians paid out almost $1.3M in 2014 on ransoms, according to the Centre for Internet Safety, and that this amount increased substantially in 2015.

Like much malicious software, ransomware enters organisations through targeted attacks on individuals. Hackers use tools such as the social media profiles of executives to carefully craft email messages that either deliver malicious software directly to an individual – usually in the form of a new game to try or some other supposedly non-threatening file attachment – or direct them to a fake website that exploits a specific personal interest.

What can you do about it?

The Australian Signals Directorate has published a list of 35 strategies for reducing the risks of cybersecurity threats. Although these cover the wide gamut of security threats, many are applicable in combatting the threats of ransomware.

Keeping systems up to date with the latest security updates and ensuring all users, regardless of their position in the company, don’t have administrative privileges to their computers when they are not needed are good first steps.

Maintaining end-point protection software is critical. Many types of ransomware, such as CTB-Locker, CryptoWall 3.0, CryptoLocker and TorrentLocker, are well known in the security industry and can be thwarted with end-point software. However, malware developers are constantly fine-tuning their attacks so it’s critical to train staff in avoiding ransomware and other malware infections.

Good email hygiene is critical. Gone are the days when email could be considered safe. A good rule of thumb is to never click on a link directly in a message without being 100% certain that the link is safe. Similarly, attachments should not be opened without ensuring they have been scanned by security software.

Network administrators should also block known malicious payloads and ban inbound email and network traffic from known sources of malware.

A regularly tested backup regime will also help minimise the damage should a ransomware infection occur. It’s important to note a ransomware payload may infect a machine many weeks or months before it is triggered so that the impact, and therefore the likelihood of a ransom being paid, is increased.

Five things you can do to mitigate the risks of ransomware
  • Keeps systems patched
  • Limit administration privileges on workstations
  • Maintain up to date end-point protection
  • Practice good email hygiene
  • Backup your data
Download the report

Find out more about our Telstra Cyber Security Report 2016.

Find Out More

Related News

Future Ways of Working
Liberate your workforce
Liberate your workforce
Future Ways of Working

A combination of technologies and new approaches to workflow, Future Ways of Working (FWoW) are the building blocks of effective workplace collaboration and an important compon...

man working from his car
Liberate your workforce
Liberate your workforce
Working smart and mobile in 2018

To thrive and stay innovative, organisations need to embrace agile, mobile-focused ways of working. We all know that being chained to your desk and dealing with antiquated syst...

Architect at construction site
Optimise your IT
Optimise your IT
QBCC embraces the benefits of hybrid cloud

To promote organisational flexibility, the Queensland Building and Construction Commission made the switch to a hybrid cloud solution. Find out how the project was completed ah...

People pointing to a computer screen
Optimise your IT
Optimise your IT
Why your organisation needs SD-WAN

Discover why SD-WAN technology is an increasingly attractive choice for rolling out services and applications across an enterprise. With flexibility, speed and a reputation fo...