The volume of cyber attacks is on the rise, and as recent incidents show, nobody is safe from becoming a target. Ransomware has become the cyber criminal’s weapon of choice, yet all too often, the crucial warning signs are missed. Would you be able to recognise such an attack on your business, and would you know what to do next?
What Is Ransomware?
Ransomware is a type of malware that encrypts the files across an organisation’s IT network, before a ransom is demanded in exchange for this data’s safe return. There is usually a time limit imposed, and if an organisation fails to pay, the cyber criminals may destroy the data or steal it, after which they may choose to sell the information on to other criminals.
Such an attack can devastate the organisation involved. In addition to disruption and time lost whilst systems are locked, the reputational damage can cause severe financial losses, and there is the risk of legal liability if sensitive personal data is stolen. Whilst experts recommend that affected businesses do not pay any ransom fee, it can be hard to know what action should be taken instead. With 90% of countries yet to develop a coherent plan for dealing with such hacking attacks, the onus is on business leaders to educate themselves and their staff in order to defend their interests.
Four Warning Signs To Watch
Knowing the tell-tale signs of this kind of hacking attack can pay dividends, and there are four key warnings that should never be overlooked.
1. Phishing emails and lateral phishing emails
Whilst you’re likely to be already familiar with the concept of phishing scams, which often look as though they originate from a trusted source, lateral phishing emails may be a new threat. Lateral phishing emails come from within your business’s network, indicate that hackers have already gained some access to your systems and are now seeking to obtain valuable data. Train your staff to avoid clicking on suspicious links within emails, and to flag any emails which look questionable.
2. Suspicious login activity
If there’s suddenly a rise in the number of failed login attempts, that’s usually a sure sign that a hacker is trying a brute-force attempt to access your IT systems. This is also true for login attempts from a succession of foreign countries, or unrecognised IP addresses.
3. Signs of a test attack
If you discover a couple of computers within your network have signs of being victim to a minor hacking attempt, pay attention. Cyber criminals will often test a victim’s security defences by launching a small scale attack on a handful of machines, which will soon be followed by a full-on attack once modifications have been made to overcome your security.
4. Common hacker tools
Hackers use several software applications, such as Microsoft Process Explorer, MimiKatz, GMER, PC Hunter, Process Hacker and IOBit Uninstaller. These tools help the criminals to circumnavigate your security protocols and access your IT infrastructure. If you see evidence of any of these tools being used on your systems, it’s time to call the experts.
Taking Action
It’s never wise to simply pay the ransom demanded should you fall victim to such an attack. In 80% of cases surveyed, those who paid a ransom were attacked again within a matter of months, whilst almost half of the files were returned corrupted. Instead, the best approach is to build a proactive defence against falling victim.
Working with Reflective IT can ensure your business’s cyber defences are fit for purpose. Our Cyber Security Service is a comprehensive cyber-crime prevention toolkit, including penetration testing, advanced email security, vulnerability assessments and much more. We will even deliver the training that your team needs to recognise and address the warning signs.
Why not get in touch today to discover how Reflective IT can help to protect your organisation, by contacting us on 0207 317 4535, atsupport@reflectiveit.com, or by filling in our contact form online. We look forward to helping your business build the cyber defences it needs for our modern age.
