Executive Summary
- Running a business in the UK has never been a risk-free experience, but with cyberattacks higher than ever, digital threats are the new normal.
- Cyberattacks come in many shapes and sizes, but there’s reason to believe that one particular attack will be most prevalent in 2022: ransomware.
- Ransomware aims to extort money or other forms of payment from businesses by encrypting critical files and figuratively holding them hostage until the business pays up — but there are ways to protect your business.
Introduction
What would you say was the biggest threat to your business in 2022?
Increased competition in your market perhaps? Or changes to consumer behaviour following the global pandemic? Maybe the ongoing supply chain shortages?
We’ll save you some time: there’s now good evidence that the greatest threat to business in 2022 will be ransomware. At least for those operating in the digital space, this malicious form of cyberattack is on the rise — and its consequences could be disastrous.
Here’s what you need to know about the rise of ransomware in 2022 — and what to do about it.
Ransomware 101
If you’re unfamiliar with the concept of ransomware, let’s begin with some of the basics.
You can get the complete picture by reading our dedicated article, What Is Ransomware? The Essential Guide for Small Business, but we’ll cover the fundamentals here.
The most common form of ransomware is known as encrypting ransomware, and it’s a type of cyberattack which aims to extort the victim by encrypting important files on their computer, then displaying a message which demands payment to decrypt them. The payment details are anonymised, often using decentralised cryptocurrencies to prevent detection from authorities.
Other forms of ransomware include non-encrypting, which will flash inappropriate images on a user’s screen or dial premium-rate calls using their system until they pay up; leakware or exfiltration ransomware, which steals sensitive information then threatens to publish it; and mobile ransomware, which aims to block a user’s mobile phone screen or otherwise interfere with their use of the device.
Why is ransomware such a big concern for businesses in 2022?
As we’ve covered on the Get Support blog before, the global pandemic brought with it many changes to our personal and business lives.
But as companies learned to adapt to the ‘new normal’, so too did cyber criminals, meaning the new work-from-home digital economy has quickly become the target of these malicious individuals. Of all of the malware attacks out there, ransomware is becoming the biggest risk, with a rise of over 150% in the first half of 2021 alone. The European Union Agency for Cybersecurity (ENISA) now refer to this period as the “golden era of ransomware”.
How bad could it really be?
Well, according to Cisco Secure, the most worrying thing for businesses in 2022 is the rise of the so-called “double extortion” technique. This occurs when, once a system has been infiltrated using ransomware, the attacker won’t stop at simply encrypting or extorting files, but go on to fish for sensitive information, customer data, passwords, financial records, and anything else they may see as valuable.
With recent large-scale attacks like the WannaCry incident and an ever growing number of organised cyberattacker groups like REvil and BlackMatter hitting the headlines, it stands to reason that ransomware isn’t going anywhere for a while.
So, if it really is here to stay, what can businesses do about it?
Preventing ransomware attacks — 4 quick tips
Ransomware is usually deployed via a ‘trojan horse’ attack, such as when a user opens an innocuous-looking email attachment. Once deployed on a machine, it can spread to a network and do serious damage – but there are ways to mitigate this risk.
Of course, when it comes to cybersecurity, there is no one single solution: a layered approach is always best.
This might include any number of the following strategies:
- Ensure your backup processes are bulletproof. Another topic we’ve covered in some depth in the past, the best thing a business can do to mitigate a ransomware attack is to back up their data as often as possible. In this way, if anything gets taken hostage, you can simply wipe the affected machine and restore from a backup. This is also the only way to retrieve your data should the ransomware attack circumvent your defences. It’s also a great reason to ensure you have ‘air-gapped’ (i.e. physically separated) backups of critical files.
- Deploy robust email filters. If your team aren’t able to open an attachment from an unknown email address, they’ll also never inadvertently unleash ransomware into their local machine or your network. Email filters like these can be obtrusive, so we encourage our clients to work with us to find the right balance between practicality and cyber security.
- Endpoint Detection and Response (EDR). One of the most powerful tools any business can deploy is an EDR system. Unlike traditional antivirus, these platforms are able to detect and act upon potential intrusions in real-time, isolating the computer on which the attack began (the ‘endpoint’), then using mitigative measures to roll back impacted files and prevent the spread of ransomware across the network. To learn more about how EDR protects your business, check out our Plain English Guide.
- Enforce app and device update policies. So-called “zero day” attacks can render any system vulnerable, but many ransomware attacks can target known (and already patched) exploits in hardware and software. To ensure your devices and network isn’t exposed to malware via a known exploit like this, take care to ensure all applications and devices are patched and up-to-date. In the case of mobile devices, you may even want to deploy an MDM system like Microsoft Intune to enforce these controls at the system level.
Need a little help keeping your business secure?
Whether you’re already familiar with ransomware or this is your first time hearing about it, there’s no doubt it’s a big threat to UK businesses.
With that in mind, if you’d like to learn more about how to protect your business along with your unique assets, data, and overall cybersecurity, our IT support team is here to help.
We’d love to talk about how our IT support agreements could help improve your specific cyber security measures, so please call us today on 01865 594 000 or just fill in the form below.