As we are reporting more and more, we are seeing an increase in ransomware attacks. It is very likely that the distraction and change to working practices caused by the Covid-19 pandemic have provided opportunities for cyber criminals to gain access to your data, and we are seeing more ‘big’ cases emerge such as the cyber security attacks on Garmin, the Premier League and others.
Ransomware attacks can vary in technique, however, generally speaking, a ransomware attack is where the attacker encrypts (locks) your data and will only release that data once they have extorted money from the victim.
If you ever find yourself falling victim to a ransomware attack, the most valuable piece of advice we can offer is act decisively and quickly – in incident response, time is of the essence. Where possible, you should take urgent steps to isolate the device that has been attacked, this will probably involve disconnecting that machine from the Internet or any networks. By doing so, you may minimise the risk of the ransomware spreading to other machines on the same network.
A significant and difficult question to answer is ‘Should I pay the ransom?’
Our advice is, no matter how challenging the situation, you should not pay any ransom. There are a number of reasons for this:
- Even if you pay the ransom, there is no guarantee that you will receive an encryption key – remember, you are dealing with criminals!
- You are very likely to be marked as a ‘ransom payer’ and your information may be passed around criminal networks whereby you could be subject to further attacks
- Even if you receive a functioning encryption key and regain access to your networks, your data may have already been stolen and sold
Take time to educate yourself and your staff be alert to these ever-present threats. Understand that a cyber attack is not always something that ‘happens to someone else not me’, some of the simplest steps you can take will be the most effective and there is a wealth of information available to assist.
If you have been a victim of this type of attack you may need expert advice to help deal with the incident and to learn the lessons, thereby reducing the risk of your becoming a repeat victim.