
Posts Tagged: ransomware

Financial, retail, healthcare and manufacturing suffer revenue losses following ransomware attacks

Stuart O'Brien

More than half of organisations have been the victim of a ransomware attack. In the UK specifically, 305 companies were contacted, and 84% of businesses that chose to pay a ransom demand suffered a second ransomware attack, often at the hands of the same threat actor group (53%).

The research, conducted by Cybereason, also found that of the UK organisations that opted to pay a ransom demand to regain access to their encrypted systems, 43% reported that some or all of the data was corrupted during the recovery process.

These findings underscore why it does not pay to pay ransomware attackers, and that organisations should focus on early detection and prevention strategies to end ransomware attacks at the earliest stages before critical systems and data are put in jeopardy.

Key findings (UK-specific) in the research include:

  • Loss of Business: 47 percent of organisations reported significant loss of business following a ransomware attack. Of these individuals, 61% admitted to losing revenue.
  • Ransom Demands Increasing: 51 percent of businesses that paid a ransom demand shelled out between £250,000 and £1 million, while 4 percent paid ransoms exceeding £1 million.
  • Brand and Reputation Damage: 63 percent of organisations who admitted to losing business indicated that their brand and reputation were damaged as a result of a successful attack.
  • C-Level Talent Loss: 45 percent of organisations who admitted to losing business reported losing C-Level talent as a direct result of ransomware attacks.
  • Employee Layoffs: 31 percent of those who admitted to losing business reported being forced to lay off employees due to financial pressures following a ransomware attack.
  • Business Closures: A startling 34 percent of organisations who admitted to losing business reported that a ransomware attack forced the business to close down operations entirely.

Other key findings included in the full report reveal the extent to which losses to the business may be covered by cyber insurance, how prepared organisations are to address ransomware threats to the business with regard to adequate security policies and staffing, and more granular information on the impact of ransomware attacks by region, company size and industry vertical. In addition, the report provides actionable data on the types of security solutions organisations had in place prior to an attack, as well as which solutions were most often implemented by organisations after they experienced a ransomware attack.

“Ransomware attacks are a major concern for organisations across the globe, often causing massive business disruptions including the loss of income and valuable human resources as a direct result. In the case of the recent Colonial Pipeline ransomware attack, disruptions were felt up and down the East Coast of the United States and negatively impacted other businesses who are dependent on Colonial’s operations,” said Chief Executive Officer and Co-founder of Cybereason, Lior Div.

“Paying a ransom demand does not guarantee a successful recovery, does not prevent the attackers from hitting the victim organisation again, and in the end only exacerbates the problem by encouraging more attacks. Getting in front of the threat by adopting a prevention-first strategy for early detection will allow organisations to stop disruptive ransomware before they can hurt the business.”

Biggest ransomware attack in history cripples NHS

Stuart O'Brien

The Government and NHS bosses have been called upon to answer questions as to how hospitals were allowed to become victims of a global cyber attack that took down services and caused chaos during the weekend.

Hackers demanding a ransom managed to infiltrate the NHS’ computer systems, forcing operations and appointments to be cancelled, as over 40 hospital trusts became the victims of a ransomware attack that demanded payment to regain access to patient medical records.

Mikko Hypponen, chief research officer at the Helsinki-based cybersecurity company F-Secure, called the attack “the biggest ransomware outbreak in history,” with over 57,000 infections in 99 countries.

The NHS has said that at this point there is no evidence to suggest that the hackers had managed to access patient records.

It is thought that a computer hacking group, going under the name ‘Shadow Brokers’, was partly responsible for the attack after it leaked a hacking tool called ‘Eternal Blue’ online in April, developed by the US National Security Agency (NSA) as a weapon to gain access to computers used by terrorists. Other online criminals are thought to have picked up the information online and modified it for their own monetary gains.

Experts have questioned why the health service hadn’t updated its security effectively to prevent the ransomware from taking hold, with suggestions that 90% of NHS trusts in the UK were using Windows XP, an operating system over 16 years old. Computers using operating software introduced before 2007 were particularly vulnerable. Other computers using newer systems may have failed to apply recent security updates which would have offered better protection.

Writing on his blog, Brad Smith, chief legal officer at Microsoft, said that governments across the world should treat the attack as a “wake-up call” and feel a “renewed determination for more urgent collective action.” Microsoft had provided free software to protect computers back in March and would be pushing out automatic Windows updates to defend clients from WannaCry ransomware.

“As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems,” Smith said. “Otherwise they’re literally fighting the problems of the present with tools from the past.

“We need the tech sector, customers, and governments to work together to protect against cybersecurity attacks. More action is needed, and it’s needed now.”

Shadow health secretary Jonathan Ashworth said the attack was “terrible news and a real worry for patients” and urged the Government to be “clear about what’s happened.”

The Prime Minister said: “We are aware that a number of NHS organisations have reported that they have suffered from a ransomware attack. This is not targeted at the NHS, it’s an international attack and a number of countries and organisations have been affected.

“The National Cyber Security Centre is working closely with NHS Digital to ensure that they support the organisations concerned and that they protect patient safety. And, we are not aware of any evidence that patient data has been compromised.”

WannaCry, also known as Wanna Decryptor, demands each user affected pay $300 in the internet currency Bitcoin to release and restore files. Thousands of computers across the NHS have been affected, potentially costing taxpayers millions of pounds.

Ransomware risk to businesses ‘significant and growing’, says the NCA

Stuart O'Brien

A joint report by the National Crime Agency (NCA) and National Cyber Security Centre (NCSC) has declared that the risk to businesses from ransomware is “significant and growing” as criminals find new ways to target companies and individuals for money.

Ransomware is malware that installs covertly on a victim’s device and either holds the victim’s data hostage or threatens to publish it until a ransom is paid. Smartphones, watches, televisions and fitness trackers could all be targeted by criminals, along with any other device containing personal data such as photos.

The report warns that the rise in devices connecting to the internet means more opportunities for criminals, with cyber crime becoming more aggressive. Many of these devices have limited security, if any, built in.

“Ransomware on connected watches, fitness trackers and TVs will present a challenge to manufacturers, and it is not yet known whether customer support will extend to assisting with unlocking devices and providing advice on whether to pay a ransom.”

There are also major concerns regarding sophisticated criminal activity using such high-tech tools against financial institutions, plus basic software that can be downloaded to carry out similar attacks on the general public and smaller businesses.

The chief executive of the NCSC, Ciaran Martin, said that cyber attacks would continue to evolve and the public and private sectors must continue to work at pace to reduce the threat to critical services and deter would-be attackers.

It is estimated that by the year 2020 as many as 21 billion devices will be connected to the internet by businesses and consumers around the world.

www.ncsc.gov.uk