Ransomware is cited as the most significant threat facing the UK, how prepared are you?
The number of ransomware attacks on businesses hit dizzying new heights last year. In the most recent research by the UK’s National Cyber Security Council, 39% of all UK businesses reported a cyber breach or attack in 2020/21, compounding an already difficult couple of years for many SMEs.
In its 2021 Annual Review, the NCSC noted that in the previous 12 months, ransomware had become ‘the most significant threat facing the UK’, we explore what you can do to protect your business.
Capitalising on business vulnerabilities
The uptick in ransomware attacks comes amid an unsettling time for businesses globally – when supply chains are disrupted and there is ongoing economic uncertainty, is a testing time for everyone from the CIO to the average employee. Businesses are reeling on multiple fronts, and cybercriminals are looking to exploit any vulnerability they can find. In 2020/21 alone, as many as 2.3 million UK businesses fell victim to a cyberattack.
Supply chains are the new target
Of course, ransomware isn’t new. Businesses are well aware of the need to be vigilant against cyberattacks through phishing emails for example, but recent cases have demonstrated worrying developments in the method, frequency and potency of ransomware attacks.
One of the most troubling new trends is the readiness of ransomware operations to launch attacks on supply chains. No longer content to target the data of individual organisations, they are increasingly targeting third-party technology providers to gain backdoor access to the data of all the organisations using those tools. In this way, the number of victims – and the value of data taken hostage – has increased exponentially.
Ransomware as a business model
Alongside the mainstay ransomware methods of phishing and attacks on unpatched systems, there are two more worrying new types of ransomware attack that look set to grow throughout 2022 and beyond.
- Double extortion: Gone are the days when attackers simply encrypted data where it sat and demanded a ransom in exchange for a decryption key. Double extortion sees attackers moving data to a different location, and threatening to leak it publicly unless payment is made.
- Ransomware as a Service: Is a pay-as-you-use malware for the career criminal, and offers ransomware as a clearly defined business model. Traditionally, ransomware attackers would have to write their own code for each separate attack and use their own systems to run the operation. Ransomware as a Service gives attackers access to a pay-as-you-use platform that provides the necessary code and operational infrastructure to launch and run a ransomware attack, in exchange for a cut of the ransom payout.
What can you do to defend yourself?
Ransomware is going nowhere and it’s vital for businesses of all sizes and across all industries to have adequate cybersecurity measures in place at every threat level. A multi-layered approach to improving overall IT security should include:
- The human layer, through educating your teams
- The perimeter layer, with a robust firewall
- The network layer, with stringent access control
- The endpoint layer, with anti-virus and endpoint protection
- The application layer, through encryption and content filtering
- The data layer, with encryption and data loss protection tools
- The critical assets layer, with data backup and recovery
Alongside this, it’s a good idea to consider implementing a more robust data management strategy.
Data Management as a Service
M247’s enhanced Data Management as a Service (DMaaS) solution is done-for-you protection for all your data, systems and applications. Using the best tried-and-tested security systems, software and processes, our data management services are designed to keep your data safe and secured, 24/7, and include storage capacity monitoring, recovery testing and backup optimisation.
Contact us to find out more about how we can support your business with flexible, scalable, round-the-clock protection against ransomware and all other forms of cyberattack.