Secure your business

When your data is held captive: Dealing with ransomware

One of the fastest growing cyber security challenges isn’t that your data will be stolen or destroyed, but that it will be locked away and held to ransom. How much is your data worth, and would you pay to get it back?

When your data is held captive: Dealing with ransomware

You arrive at work and turn your computer on, ready to close a huge deal. Instead of the familiar log-in message, you see a countdown timer and a simple message – your data files are encrypted.

If you don’t pay US$300 by the time the clock runs out, you’ll lose your data forever. You check your email on your smartphone and discover the entire executive team is being held to ransom after someone opened an infected file attachment.

Ransomware is malicious software that encrypts the data on your computers. The only way to recover the data is to break the encryption (typically a difficult and time-consuming course of action); recover from a backup that has not been infected; or to pay a ransom to the hacker that encrypted the data – and even if you pay there are no guarantees you will get your data back.

Australian companies and private citizens are significant targets. According to statistics from Websense ThreatSeeker, published in the Telstra Cyber Security Report 2016, 60 percent of 1.05 million instances of CryptoLocker (a very common type of ransomware) attacks were detected in Australia. This is because Australia is perceived as a relatively wealthy country with the capacity to pay.

Telstra’s Cyber Security Report also highlighted the fact that Australians paid out almost $1.3M in 2014 on ransoms, according to the Centre for Internet Safety, and that this amount increased substantially in 2015.

Like much malicious software, ransomware enters organisations through targeted attacks on individuals. Hackers use tools such as the social media profiles of executives to carefully craft email messages that either deliver malicious software directly to an individual – usually in the form of a new game to try or some other supposedly non-threatening file attachment – or direct them to a fake website that exploits a specific personal interest.

What can you do about it?

The Australian Signals Directorate has published a list of 35 strategies for reducing the risks of cybersecurity threats. Although these cover the wide gamut of security threats, many are applicable in combatting the threats of ransomware.

Keeping systems up to date with the latest security updates and ensuring all users, regardless of their position in the company, don’t have administrative privileges to their computers when they are not needed are good first steps.

Maintaining end-point protection software is critical. Many types of ransomware, such as CTB-Locker, CryptoWall 3.0, CryptoLocker and TorrentLocker, are well known in the security industry and can be thwarted with end-point software. However, malware developers are constantly fine-tuning their attacks so it’s critical to train staff in avoiding ransomware and other malware infections.

Good email hygiene is critical. Gone are the days when email could be considered safe. A good rule of thumb is to never click on a link directly in a message without being 100% certain that the link is safe. Similarly, attachments should not be opened without ensuring they have been scanned by security software.

Network administrators should also block known malicious payloads and ban inbound email and network traffic from known sources of malware.

A regularly tested backup regime will also help minimise the damage should a ransomware infection occur. It’s important to note a ransomware payload may infect a machine many weeks or months before it is triggered so that the impact, and therefore the likelihood of a ransom being paid, is increased.


Five things you can do to mitigate the risks of ransomware
  • Keeps systems patched
  • Limit administration privileges on workstations
  • Maintain up to date end-point protection
  • Practice good email hygiene
  • Backup your data
Download the report

Find out more about our Telstra Cyber Security Report 2016.

Find Out More

Related News

Smiling men at work
Liberate your workforce
Liberate your workforce
2018: The year of employee engagement

New technologies and techniques are changing the way HR professionals maintain employee engagement. Traditional methods of office communication such as phone, email and confere...

Hangers in a wardrobe
Optimise your IT
Optimise your IT
Change rooms change it up: SD-WAN for retailers

What do SD-WAN and a change room have in common? VeloCloud’s Vice-President, Asia-Pacific, Joseph Chung explains how you can use SD-WAN to boost customer experience. How much ...

crossroads in a city with pedestrians
Reach global markets
Reach global markets
Q&A with Paul Abfalter: Building Asia’s digital network

We sat down with Paul Abfalter, Business Development Strategist and Regional Director for Telstra, to discuss the factors affecting digitalisation in the Asia Pacific region. I...

Woman with glasses working on a computer in a server room
Create transformative innovation
Create transformative innovation
Preparing for the unexpected with Stephen Elop

From the printing press to the Internet of Things, exciting disruptions often come with profound unintended consequences for business and society. Tune into our podcast with St...