Cyber Security can seem to be a bit daunting to a big organisation, never mind small businesses. With a deluge in attacks that is only growing by the day and tactics mutating like a super-virus, it can be confusing as to where to start and what to do first. For some businesses, the reality of how little they know about their own security only comes to bear when they are attacked and for many, this is increasingly frequently when ransomware drops into your mailbox.
As cited in a recent presentation by Europol, Ransomware is a growing threat internationally as it has been for a number of years. However now, its growth is augmented by dark net ‘Crime-as-a-Service’ where ransomware campaigns can be bought and serviced by the ‘service provider’ from as little as $15 per month. It’s cheap and effective and the Return on Investment for the criminal is huge when you consider the size of the lists they buy (also on the dark net) and how much they can reap from a single company. Other key trends and threats include:
- DDoS continues to plague businesses around the world
- Card-not-present and skimming scams continue to grow
- Crypto currency users and exchanges are increasingly being targeted, so pay attention to the security on any of your wallets, if you have them.
- Crypto-jacking is on the increase. Is your computer running slowly? There is still some debate as to how much of a crime it is, but it can certainly have a detrimental effect on business where it hijacks CPU power to mine crypto currencies.
- Social engineering is still the key engine to cyber-crime providing much of the information needed for phishing and ransomware campaigns. It is as relevant in your personal life as much as business. The information fuels strategies such as BEC (Business Email Compromise) scams which are on the increase, enabling criminals to spoof identities and re-direct invoice payments and even salaries. This is being used for small companies as much as global organisations.
- Darknet markets are growing and facilitating illegal business, and now often hybrid with ‘traditional’ illegal activities.
It may be a surprise then, if you’re sitting in your office in rural Hertfordshire, that Europol has resources that can help. Of course, I’m not suggesting that you call the head of Europol as your screens freeze, the security services get that privilege.
What does Europol do? Well, they work with security services, not just across Europe but with partner countries (such as the US…and soon to be the UK) globally. This means they can help investigate and co-ordinate campaigns against criminals online. In the past year alone, they have shut down a number of dark net marketplaces, XEDIC being one and helped bring down the world’s biggest DDoS for hire website. What they learn, goes into information which is shared among partner countries for the continued, co-ordinated defence against cyber-crime at a nation-state, business and, as a result, individual citizen level. Much of this information is continually being fed into a free resource for businesses of any size to use.
But first off…
Don’t pay the ransom!
If you are the unfortunate recipient of a ransomware attack that has been clicked on, don’t panic! It’s tempting to pay the ransom but take a breath and look at your options. In a recent cyber security presentation we attended, the message from the Head of Strategy at the European Cybercrime Centre was, ‘Don’t pay the ransom’. If you do, you simply become a key target for repeated future attacks because they know their tactics work. And yes, they are that sophisticated that they know who has clicked or opened an email and adjust their campaigns accordingly.
What are the options?
- Check your back-ups. How serious is the threat? If you have up-to-date back-ups, your business data is safe, you just need to get your systems released. All you then have is downtime, not a data compromise. If you don’t have back-ups, get them implemented as soon as possible.
- Get help. Contact your services providers and if you don’t have a cyber security firm on speed dial, find a business that can help you unpick the lock.
- Use free resources. Europol has set up a free site for any business to use called nomoreransom.org. This service is an international platform with a 134 international partners. They have developed 66 tools that are available for free that can decrypt data across 98 ransomware families. So far, they have unpicked the lock on 72,000 devices. You might just find the tool you need on this site.
Go to www.nomoreransom.org for more info.