Ransomware attacks are a particular variety of malicious cyber attacks. Whereas some prefer to operate in the background and would rather you didn’t notice, ransomware isn’t quite so shy. If you’ve been hit, you’ll know it. As the name suggests, these types of attacks hold your data and systems at ransom, promising you’ll get a key to unlock your files if you pay the price.
Perhaps the most famous example is the WannaCry attack on the NHS. The cost of the devastating attack was almost a massive £6 million, and the effects were disastrous. Hospitals that fell victim had to cancel 13,500 outpatient appointments, including 139 appointments for patients with suspected cancer.
And they’re just as common today. Here are three examples from this year alone, and what you should do if you’re ever affected.
Isle of Wight schools
We’ll start with the smallest attack, yet it’s no less devastating. The Island Education Federation confirmed they’d fallen victim to a cyber attack that would delay the start of the school term. This immediately made people worry that young students’ information could be at risk.
A spokesperson for the Federation said: “We are working with officers from the police Cybercrime Unit to pursue the cyber criminals and understand the full impact of the attack. There are obviously some significant implications of this, which we are managing and will take measures to secure our systems even further in the future.”
Northern ticket machines
Rail provider Northern was hit recently, affecting over 600 touchscreen self-service ticket machines. It wasn’t said what type of ransomware affected the machine, nor what was compromised by the attack. But Northern has assured people that no customer information or payment data was stolen.
A Northern spokesperson said: “We are working to restore normal operation to our ticket machines as soon as possible. We are sorry for any inconvenience this incident causes.”
In the interim, travellers were asked to buy tickets through the mobile app, website, or at ticket offices at the station.
REvil
This is the biggest ransomware attack story of the last few months. It affected up to 2,000 businesses and organisations across the world. The price for providing the master key that would unlock it all? Just $50-70 million.
US IT firm Kaseya obtained and distributed the key, though they declined to say where from or whether they paid. All they had to add was that it came from a “trusted third party”. Kaseya was one of the first to be hit by the REvil attack, which has been linked to a Russian ransomware gang.
What you should do
Despite them being so well-known, ransomware attacks still happen on a regular basis. More often than not, if they happen to you, the attacker will offer to unlock your files – for a price. Some may be tempted to pay the cost, but this doesn’t guarantee they’ll actually supply the key.
If you are attacked, find which systems have been affected and isolate them. Disconnect them from your network. Pull the ethernet cable out if you have to. With them isolated, you can start to triage the affected units and work on rooting out any malware.
Now, let’s talk about payment. The general advice of law enforcement would be to not pay the cost. But, in reality, 65% do actually send the money. Considering this can get into the thousands of pounds, it can be quite the hit. It could also be “scareware” – created just to make you think it’s ransomware, when it’s not actually encrypted your files at all.
You don’t want to take this decision lightly and are better off talking to an expert about it. While there’s no way to be completely safe from cyber criminals, there certainly are measures we can take to prevent attacks and minimise the damage. For businesses, it’s now more important than ever to have the strongest, most secure cybersecurity possible.
Are you ready to protect your business? At Nisyst Cyber Security, we pride ourselves on creating the most efficient and effective cybersecurity solutions. For more information, get in touch today on 01204 706000.