Businesses in the south are being warned about a new type of ransomware that uses a spam email disguised as an invoice to lock data and paralyse companies.
Leading IT services provider Aura is warning organisations to be on their guard for a new strain of “Locky” malware, which is being increasingly used by cyber criminals to hold businesses to ransom to decrypt files. Aura’s warning comes as it has launched a practical guide to protect businesses in the South from ransomware attacks.
The free downloadable e-book, The Business Guide to Ransomware, outlines the most common ransomware threats to organisations in 2018 and details practical steps businesses can take to reduce the risk of an attack. It comes as ransomware has become the most popular form of malware used in cyber-attacks, making up almost 40 per cent of breaches, coinciding with a six-fold increase in the number of emails infected by ransom softwares over the past two years.
Ransomware encrypts data on infected systems, locking victim’s files and allowing criminals to demand payment to release them. Cyber criminals typically request payment in the form of Bitcoins or online payment voucher services and the standard rate is about £375, although the cost can run into several thousand pounds.
The guide explains some of the most common and newer types of ransomware, including Locky, CryptoLocker, CryptoWall, and TorrentLocker. Locky disguises itself as an invoice email message and when opened encrypts a large array of file types, before demanding payment to unlock the files when encryption is complete.
Tim Walker, a cybersecurity expert and managing director of Aura Technology, said: “Spam campaigns spreading this new strain of Locky are now operating on a massive scale and it’s important that all businesses are aware of the current heightened threat.
“Ransomware is distributed in a variety of ways and is difficult to protect against because, just like the flu virus, it is constantly evolving.
“Organisations of all sizes have been impacted, but small to medium-sized businesses can be particularly vulnerable to attacks. Frequently, small business IT teams are stretched thin and, in some cases, rely on outdated technology due to budgetary constraints. This is the perfect storm for ransomware vulnerability – and the impact can be crippling on any organisation, both financially and operationally.
“Thankfully, there are tried and tested ways to protect a business against ransomware. A proper ransomware protection strategy requires a three-pronged approach, comprising of education, security and backup.”
Among the protection strategies for businesses are:
- Educate your staff – provide your team with specific examples of suspicious emails with clear instructions on what to do if they encounter a potential ransomware lure.
- Ensure your antivirus software is up to date and includes ransomware-specific functionality.
- A secondary layer of defence is critical for businesses and this makes the backup of data vital. Choose a data protection solution that takes snapshot-based, incremental backups as frequently as every five minutes.
Walker added: “Getting to grips with the various ransomware threats can seem a like a minefield to business leaders, so we have produced this clear and concise guide to help people learn how the malware is spread and how to avoid or recover from an attack. Hiding your head in the sand won’t work, because today’s ransom seekers play dirty, so it’s important organisations are prepared.”
To download the guide visit http://go.auratechnology.com.pages.services/business-guide-to-ransomware