Businesses have been urged to strengthen their defences against cyber attacks amid a rise in ransomware.
Until recently, ransomware was the preserve of digital mercenaries who used their coding prowess to extort money.
But individuals and companies are more at risk than ever as accessibility to the tools behind the criminal technique has increased.
Software security specialists Kaspersky Lab reported a 17.7 per cent rise in ransomware attacks in the 12 months leading up to March 2016, a total of 2.32 million upon an estimated 58 per cent of corporate PCs worldwide.
And it has also emerged that the cyber gangs are employing customer services teams and are willing to negotiate on price and deadline.
Ransomware is malware which encrypts valuable digital files on a computer or device – and potentially other computers on the same network – then demands a ransom for their release.
Altrincham-based Pentest Limited, recently bought by UKFast-owned Secarma, carries out penetration testing for corporate giants.
Their team of ethical hackers seek out security weaknesses on companies’ computer systems and deliver reports so they can act to shore up vulnerabilities.
“Cyber crime is definitely on the increase,” says Mark Rowe, Pentest’s technical director.
“The aim is to disrupt a business by locking the files they cannot do without. A lot of firms are still reliant on desktops and believe they have no choice but to pay these ransoms.”
Ransomware as a Service – or RaaS – makes it possible for people with little tech knowledge to deploy an attack.
For as little as £25 they can download a virus, set a ransom amount and deadline then send an email to their intended victim.
Some virus providers even operate on a percentage model, where they purely take a cut of any ransom that is paid as a result of the use of their ‘product’.
If the recipient of the email opens an attachment containing the malicious code or clicks on a link that infects their computer with the malicious software, a certain number of their files are then locked.
They only become aware of the attack through computer messages which demand the ransom, usually in anonymous currency bitcoin.
Ransoms have typically been in the low hundreds of pounds – or even less – making it likely that victims will pay up to receive an encryption key and get their files back.
That in turn feeds the underground ecosystem, encouraging hackers to continue with their lucrative line in criminality.
However with businesses increasingly targeted, ransoms are rising.
“The focus for criminals has shifted from targeting end users at home for £50 a go to organisations,” says Rowe. “I’ve heard of figures of tens of thousands being demanded.
“Phishing attacks are popular – they are more targeted attacks than the old spam emails, which claimed to be from a Nigerian bank or something like that.
“The criminals do a bit more research into the kind of sites the employees might visit, the type of people they interact with at work, their contacts on LinkedIn. They might send spoof emails purporting to be from an organisation they are used to dealing with.”
Businesses are especially vulnerable as an attack could lead to the loss of files containing sensitive or proprietary information, disruption to operations, a financial cost to recover the files and reputational harm.
The easiest way to guard against a ransomware attack is to back up important files on a daily basis. For a business that could mean accounting documents, legal documents and client data.
Other tips include keeping software up-to-date and regular patch management; educating staff on the potential methods of attack and malicious file types; keeping all features of its security solution switched on at all times; and, above all, refusing to pay the ransom and reporting the attack to police.
However penetration testing can be a vital tool in protecting valuable data and hard-earned reputations.
“Every company is concerned about losing data,” adds Rowe. “Penetration tests and security evaluations can help protect businesses by simulating the kind of attacks criminals may carry out.
“We can give them figures about how many staff members clicked on a link or opened an attachment which could contain malware, for example. Pen tests enable them to see whether they are learning from their training.”
An offensive approach to security is becoming ever more necessary as cyber attacks have rocketed in recent months. Indeed, penetration tests are a component of a full security audit.
Pentest managing director John Denneny believes there could have been many more successful ransomware attacks than has been reported.
“Nobody likes to admit to it – I don’t think many are declared as it doesn’t look good for a company to be that exposed,” he says.
“If you are vulnerable to that threat, it can happen time and again.”