British firms were hit by nearly 5,000 ransomware attacks last year, forcing them to pay out nearly £210 million in ransoms to cyber criminals, according to the US cyber security firm Emsisoft. The company says that organisations are now showing ‘more willingness’ to pay ransoms due to fears of public embarrassment, lost data and potential penalties from regulators.
Emsisoft estimates that cybercriminals who use ransomware as a tool for making money are now making approximately £19 billion annually from the practice worldwide. Some of them are so successful in the trade they have started posting job listings on the Dark Web.
Most of the ransoms British firms paid in 2019 were in the form of cryptocurrencies, which are usually difficult to trace to individuals. In many cases, the crooks who received the money were based in Russia and Eastern Europe.
The UK was sixth in the list of countries paying out the most in ransoms to cyber criminals. The US topped the list (paying $1.3 billion to hackers), followed by Italy, Germany, Spain and France in that order.
The revelation comes at a time when British MPs have been demanding stricter laws against the payment of ransoms. Paying a ransom is not illegal in the UK, unless it is linked to terrorism.
“It should be illegal. Companies are just being irresponsible in paying these people off,” former cabinet minister David Davis told The Times.
Last month, US cloud computing provider Blackbaud publicly disclosed that it had paid a ransom to hackers following a data breach that affected dozens of customers, including British universities and other institutions.
The company said that it paid the ransom after the hackers promised they would destroy all stolen data.
Last year, the FBI advised organisations and individuals not to pay ransoms to hackers in exchange for decryption keys. The agency said that paying a ransom encourages criminals to target more people.
Ransomware as a disruption to operations and finances isn’t getting any better. And you should assume it’s only going to get worse over time. Ensuring your security strategy encompasses every part of the environment the attack touches – and that includes your users – is the only way you’re going to be able to stop these attacks before they start.
With thanks to the Cyber Defence Alliance and Computing. The full story is here: https://www.computing.co.uk/news/4018596/british-firms-gbp200m-ransoms
Free Ransomware Simulator Tool
Bad guys are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?
KnowBe4’s “RanSim” gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 18 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.
Here’s how it works:
- 100% harmless simulation of real ransomware and cryptomining infections
- Does not use any of your own files
- Tests 19 types of infection scenarios
- Just download the installer and run it
- Results in a few minutes!
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/ransomware-simulator-tool-partner?partnerid=001a000001lWEoJAAW