sb-nz logo
Story image

Ransomware-hit businesses have bigger problems than they realise, expert says

Businesses that have been hit by a ransomware attack have bigger problems than they realise, according to Palo Alto Networks, who says they must consider an entire security audit.

A full audit will help organisations avoid jeopardizing their businesses, the security firm says.

Ransomware is a cyberattack that encrypts business information so that users can’t access the files, effectively locking the business out of its own systems and data. The attackers then demand a fee to unencrypt the data, returning the systems to normal. 

“Quite often when an organisation is hit by a successful ransomware attack, business leaders think if they pay the money that will be the end of the story,” explains Gavin Coulthard, systems engineer, Palo Alto Networks. “In fact, it’s quite the opposite,” he states.

“If cyberattackers got through your defences in the first place, chances are you have bigger problems with your security competencies,” Coulthard says.

“Then, if you pay the ransom, you identify yourself as a business that’s willing to pay and it’s highly likely the attacker will keep coming back for more,” he explains.

“It’s also important to remember that once your data is taken, the attackers can do what they like with it, including selling it or using it to fuel subsequent attacks on you and your customers. Your data can appear all over the internet for other cybercriminals to use or for your competitors to see,” adds Coulthard.

Palo Alto Networks recommends the following five tips if you are hit with a ransomware attack:  1) Have back-ups of everything: if you are targeted, it’s important that you’re not reliant on the information being held.    2) Communicate the risks with staff: make sure ransomware attacks aren’t successful by making your team aware of ransomware and instructing them to avoid clicking on unknown links or emails, which could generate an attack.  3) Audit your security: if you are attacked, you should complete a full security audit to ensure there are no further risks or malware lurking in your systems.    4) Be aware of specific times of year: Christmas and tax time are considered high-risk times for businesses to suffer a ransomware attack. During a time when lots of online transactions are happening, and people may be less wary of emails from people they don’t know, attackers can socially-engineer recipients to click on attachments or links to trigger an attack.    5) Don’t pay: if you are attacked, do not pay the money. This only entices the cybercriminals to repeat the attack, since they now know you are willing to pay, which will create bigger problems for you. Instead, ensure you have adequate backups so you can live without the encrypted data and conduct an immediate security audit.  “Businesses must understand that a ransomware attack is the canary in the coalmine: it’s a warning sign that your security is not up to scratch,” says Coulthard.

“It’s important to react quickly and calmly to ensure another attack doesn’t occur. Simply paying the ransom will not be the end of the attack, so revert to backed-up information and tighten your security immediately.” 

Story image
Sophos Rapid Response puts out the ransomware fire
“Attackers are using a range of techniques and whichever defence has a weakness is how they get in. When one technique fails they move on to the next, until they find a weak spot."More
Story image
Huawei: Corporates must focus on data minimisation and business continuity to mitigate data security challenges
"From a long-term sustainable point of view, organisations will need to adopt data minimisation and privacy by design and default."More
Story image
As digital transformation grows in A/NZ companies, misconceptions about their role in cloud security abound
While an 81% majority of A/NZ organisations are accelerating their digital transformation, a giant 99% of surveyed respondents say they believe their cloud security provider provides enough protection, according to a Trend Micro study. More
Story image
22 billion records exposed from breaches in 2020 — report
The research also found that 35% of the breaches recorded by Tenable were caused by ransomware attacks, while 14% of breaches stemmed from email compromises.More
Story image
Online gaming a 'hotbed' for DDoS attacks — report
The latency and availability issues present in online gaming, in particular, presented an attractive target to attackers, in addition to the enduring popularity of gaming in the era of COVID-19.More
Story image
Cybercriminals leverage AI to sustain attacks on enterprises
What is less discussed is how cybercriminals are taking advantage of those very same technologies to automate their attacks, too.More