Ransomware attack? It may not be quite what you think

A lot of people have predicted that ransomware will be the big cyber security story in 2017. But not many have realised that fear of ransomware is a problem in itself.
Research from Citrix published today has shown that two in five large UK businesses have fallen victim to con artists who claim, falsely, to have launched a ransomware attack and then demanded a ransom. And such is the fear of ransomware that nearly two thirds of these businesses have paid the ransom demanded for the non-existent attack.
In the research, 500 IT decision makers in large businesses were questioned about sham ransomware attacks. In these attacks scammers claim that extortion software has successfully infected an organisation’s computer system and demand payment to release data; on average businesses are paying out over £13,000 to these tricksters.

The vast majority of companies do consider whether the demand is a bluff; but having considered this, well over half go on to pay the “ransom”.
Ransomware is rightly feared by organisations that have failed to take appropriate precautions in the form of robust back up policies, alongside cyber hygiene processes to keep malware out in the first place. As Chris Mayers, chief security architect at Citrix, puts it: “Cyber criminals are on the lookout for easy wins and are taking advantage of fears around ransomware to make money from ‘bluff’ ransomware attacks. With so many UK businesses falling victim to these scams, learning to distinguish real threats from a false attack can save considerable sums.”
Well that’s true. But the monetary loss from these fake attacks is probably insignificant compared with the management and worker time lost as normal operations are interrupted while security departments try to find and defuse these non-existent attacks. In addition, organisations that discover they have been fooled by a fake attack are likely to be less proactive about defending themselves in the future, leading to potential problems later on.
The solution would seem to be combining robust work processes to respond to attacks with appropriate technology to identify whether threats are real, and isolate them if they are.

© Business Reporter 2021

Top Articles

Reforming upskilling strategies for the changing work landscape

Leaders across industries must upskill the workforce to deliver new business models in the post-pandemic era

Green or greenwashing?

Procurement must stamp out greenwashing from supply chains, to ensure that organisations’ products and goals are not just a “green…

American View: Why Do Cultural Taboos Frustrate New Technology Implementation?

Businesspeople seldom evaluate new technologies on capabilities alone; why do peoples irrational beliefs impede attempts to discuss worthwhile innovations?

Related Articles

Register for our newsletter

[ajax_load_more loading_style="infinite classic" single_post="true" single_post_order="previous" post_type="post" elementor="true"]