Ransomware is a type of malicious software that encrypts a victims files and demands payment in exchange for the decryption key. It’s in the name – a hacker will hold your data hostage until you pay a ransom.
It is a type of malware (malicious software) that is being used by cybercriminals as a method of extortion that has become more sophisticated in recent times and is now considered to be a major threat to businesses and organisations of all sizes.
Your company may be at risk!
See how with our FREE Security Audit
How do ransomware attacks work?
Ransomware attacks usually begin with a phishing email or a social engineering attack. When the victim opens the email or clicks on a link, the ransomware is downloaded onto the computer, begins encrypting the files on the computer, making them inaccessible. In more sophisticated cases the ransomware will spread out and affect other computers on the network.
Once encryption is complete, the ransomware will display a message on the victims computer, demanding payment (usually in cryptocurrency) in exchange for a decryption key.
Payment in cryptocurrency makes the crime much more difficult to trace
Once the files are encrypted, the ransomware will display a message on the victim’s computer, demanding payment in exchange for the decryption key. The payment is usually requested in cryptocurrency, such as Bitcoin, to make it more difficult to trace.
The frequency and severity of the attacks has increased over the last number of years with the name of each strain in some way disguising the potential disaster that awaits – Wannacry, Locky, Maze, and Gremlin to name but a few.
Double extortion has become a serious issue with cyber criminals who have targeted a victim will exfiltrate data to another location where it can be used for other purposes, leaking it to the dark web or to the public, after decryption has been completed.
What is the Impact of a ransomware attacks on businesses
Some of the higher-profile cases
- HSE Ireland, In May 2021 the Conti strain disabled 80% of the IT Infrastructure within the HSE (hyperlink to the HSE published report https://www.hse.ie/eng/services/publications/conti-cyber-attack-on-the-hse-full-report.pdf )
- Derry City and Strabane District Council A 2020 attack impacted service provision
- PSNI In 2017 was the victim of a ransomware attack impacting the organisations email
- Northern Ireland Housing Executive. The 2021 attack forced the organisation to take its systems offline with staff having to resort to manual processing
- Harland and Wolff. The attack in 2019 impacted the company’s IT system
- Already this year Royal Mail and Rackspace have been breached by ransomware attacks.
Mentioning some of the ‘known’ victims of ransomware attacks in no way diminishes their focus on cybersecurity but highlights the fact that these attacks are happening to every business in Northern Ireland. In the world. If it happens to them it can happen to you.
What we don’t know are the numbers of businesses and organisations who have been victim of attack but have either managed to keep the information hidden or have paid a ransom.
Consider if your business was targeted today and some or all of your data was encrypted.
How would you deal with the immediate impact of downtime? Do you have all of your data backed up safely? Are you sure that it’s safe? Would it be possible to continue manually to carry on as a business or would you have to deploy additional staff, create new processes? How much time would that take and at what cost?
How would your top customers feel if your business had suffered a data breach? Would it have an impact on their trust in you as a competent organisation?
Many businesses do not report ransomware attacks because of the impact it would have on their brand reputation – how important is your brand reputation to your continued success?
How can you protect your business from the threat of ransomware attacks?
Educate employees: make sure that your staff know how to identify and avoid these types of emails
Software updates: regular updates of software can help reduce the threat area, exploited by ransomware. Also ensure that anti-virus and anti-malware software is up-to-date.
Back-ups: ensure that all data is backed up regularly to ensure quick recovery from attack and to ensure that any ransom is redundant.
In the cloud: manage your cloud assets by monitoring all end points
Use strong passwords: weak or predictable passwords make access easier for cybercriminals, stronger and more complex ones offer greater protection.
Implement access controls: limiting the number of employees who have access to sensitive data can greatly reduce the threat area and the risk of ransomware attack.
LoughTec currently provides cyber support to a number of businesses and organisations in a variety of industries throughout Northern Ireland and the Republic of Ireland. We support enterprise scale organisations with £500m turnover and small companies with a more regional focus, all through the implementation of our LoughTec Security Operations Centre (SOC)
Security Operations Centre
How the LoughTec SOC can protect your business?
The LoughTec SOC is responsible for detecting, analysing and responding to security incidents in real time delivered through software, technology and (human) security analysts. In addition to 24/7 monitoring and management, the SOC helps organisations maintain
security policies and procedures, deliver training and provides regular reports on our customers security posture.
Here’s how it works:
No obligation, no cost initial consultation to review your current security protocols, enhanced potential requirements and your main concerns.
Deploy the LoughTec System Security Scan for a deep dive on your current cyber posture as well as your threat risk score and analysis.
Review all findings and create our joint cyber security action plan to mitigate the potential risks.
Implement the required tailored cyber improvement plan and resolution actions for your business.
Ongoing LoughTec account management updates with additional training and support tools and plans available.
Remember cyber threat is a real and constant – there is a good chance that you have already been hacked. If not yet, you definitely will be. It’s important to know that your network is being monitored 24/7/365 – just like you would for your property or plant.
Cyber protection is an investment, not an expense – the LoughTec SOC can protect your most valuable business assets from as little as from as little as £4/day.
For more information and to book a free no-obligation consultation email
Get in Touch with Loughtec Cyber Security
Customer Success Stories
Don’t just take our word for it
“The deployment process was quick and seamless, and was completed across all our endpoints in a couple of days. The reporting from the SOC is essential for us. It gives us a demonstration of its value for money. We can show our directors and management, ‘these are the types of attacks that have happened or attempted to happen, and this is how the system is paying for itself.’
What price can you put on the loss of your data or your business being down for a significant amount of time?”
Brian McCabe, Global IT Manager
“Our business was the victim of two hacking incidents – one in which our IP address was ransomed and we were invited to pay in Bitcoin to release it. The other was an email spoofing incident, where one of our clients was contacted by an unknown source claiming to be us.
“I would strongly suggest an IT security audit, as a minimum starting point for any business. It gives results and advice on things that you would not ordinarily consider in terms of your cyber security.
“The LoughTec Security Operations Centre (SOC) helps protect our IT infrastructure, protecting our business and our data.”
Yvonne Conway, Project Manager
“LoughTec is one of the leading Cyber Security systems providers worldwide and our research highlighted that they provide one of the most advanced file upload malware protection and detection solutions.
This partnership with LoughTec gives us the confidence and assurance that every file system uploaded through our platform is malware and virus free, allowing us to focus on our core business of selling property.”
Ebenezer Akintunde, Software Delivery Manager