The Scottish Business Resilience Centre (SBRC) recently surveyed more than 250 businesses in Scotland about their cyber preparedness and learned that more than a third (38 per cent) don’t feel prepared for a cyber attack.

It’s a worrying trend, especially given that the Sophos State of Ransomware 2021 report found that 35 per cent of British businesses were hit by ransomware attacks in the past year.

In a ransomware attack, cyber criminals encrypt an organisation’s files and hold the data hostage until a ransom is paid.

These fees can be extortionate and not every business will be able to pay: DarkSide, one of the more prolific ransomware gangs, has made at least $90m (£63.4m) since August 2020 in ransom payments from fewer than 50 victims.

But even for those who can afford to pay, there’s no guarantee they will get all their data back in a timely manner. In fact, separate research by Sophos found that companies are only able to restore an average of 65 per cent of their data even after paying a ransom.

Given these odds, it’s clear that businesses should focus their efforts and finances on improving their cybersecurity defences in the first place and thereby limit the fallout of an attack, rather than assuming they’ll be able to pay a ransom and move on.

The most basic thing that an organisation can do to mitigate this risk is to check that systems including firewalls and antivirus programmes are up to date. Regular backups are vital, too: organisations are more likely to get their data back by relying on a recent copy than by paying a ransom.

It’s also important to make sure employees understand that cybersecurity isn’t just the responsibility of the IT department: everyone needs to know at least the basics of cybersecurity, such as not opening attachments or clicking links they weren’t expecting.

A strong cybersecurity strategy goes beyond this, to include role-playing and scenario planning that involves a broad range of people in the company to ensure preparedness.

Another consideration in a strong cyber strategy is accreditation, particularly Cyber Essentials. This is a government-backed scheme which can prevent or limit the fallout from up to 80 per cent of common cyber attacks, including ransomware.

Only 42 per cent of the businesses we surveyed held the Cyber Essentials certificate – but it’s a simple way for business owners to become more aware of their cyber processes, and could mean the difference between surviving an attack or losing all their systems and data.

Regardless of the precautions taken, it’s still possible that a business will fall victim to a cyber attack. For those that do, there is support out there, including the SBRC’s Cyber Incident Response Helpline.

The sooner you get help after an incident has occurred, the greater the chances of recovery.