Facts, fixes and forestalling 

by Andy Payne.


As the dust begins to settle in the wake of the recent, massive ransomware attack, the full scale of the devastation is yet to be told. Having said this, we are able to analyse much of what actually happened and who has been affected.

Firstly, what does ransomware actually do? This form of cyber-attack takes over computer systems once a hostile link or attachment has been opened. Ransomware can lay dormant inside systems and networks for up to 9 months, learning about patterns or even watching your keystrokes. Over this time the criminal can collect data about you, your family, your clients or anything that you have used your device for. The ransomware can launch at any time but can also be executed manually as the criminals rely on human error or our very, inquisitive nature.

This basically means that you will be unable to access any of your files and you are virtually ‘locked out’. There are only two ways to retrieve this data and one of them may mean that you still don’t get your data back. The first is to restore from a previous backup thereby taking you back to a point in time prior to the ransomware being affected. This is the only guaranteed way of getting everything back. The second is to pay the ransom. The WannaCry ransomware demands $300 dollars worth of bitcoin (a digital and virtual form of worldwide currency). Many criminals are very helpful, in fact, their customer service is exemplorary. The will give you full details of how to pay, they may have a hotline is you are experiencing issues and some even offer PayPal as a method of payment. They will send you a sample of your data to prove that they can decrypt it and, once you have paid, they might send you some of it back. You read it right . . . . might!!! In most cases, only 25% of data is actually ever recovered. The safest way by far is to Backup, Backup Backup!!!!

Victims of the recent attack included FedEx, Nissan, Deutsche Bahn Railway, Hitachi, the Ru Bank, Telefonica and the British National Health Service. The attackers used tools stolen from the U.S National Security Agency and is the largest Cyber-attack in History. This should serve as a wakeup call for businesses and individuals alike and should highlight the utmost importance of protecting yourselves online. The main reason for this is that the target was the operating system Microsoft so this wasn’t an attack that was aimed at other commercial organisations, it was an attack on anybody who has a system that uses Microsoft.

So far, the virus has infected computers and servers in over 150 countries – the spread was exponential as once one computer in a network was infected, it would spread to all others within seconds. Something as simple as the opening of a PDF document or the clicking on a link in an email (from a seemingly trusted source/colleague/friend/relative) could infect everyone. Be warned, think before you click!!

I think the message is simple – this is no longer an emerging risk!! The burglar of today is not wearing a balaclava and trying to break into your home. They are silently going about their business behind a screen, learning all about your daily patterns and selling your personal and business data to the highest bidder. How easy is this? Very!! Anyone can buy validated full info (card details, address, National Insurance Number, Driving license, passport etc etc etc) for less than the cost of a meal out for two. Scary stuff – are your details available for purchase online? Hopefully, you will never find out.

The last thing we should do is live in blissful ignorance of this matter as it isn’t going to go away. We all need to take responsibility for our online presence as we would look after our homes, cars or our businesses.

What can we do now? There is a brilliant website which offers free, impartial advice https://cybersecurityawareness.uk/ that leads you through everything you will need to know on how to protect yourselves.

If the ‘burglar’ wants to get in, they will. It would also, therefore, be prudent to insure against the possibility of an attack. Think of it the same as car insurance . . . after an accident, your insurance gets you back in a vehicle and pays for any damage. Cyber Liability and Commercial Crime insurance works the same way – following an attack, the insurance can put you back in the position prior to the attack.

I urge you all to protect yourselves and contact us if you would like us to provide you with any advice about making sure you are adequately covered.

Stay Safe!!