Earlier this year, Lincolnshire County's IT was shut down for several days due to a ransomware attack. The attack penetrated multiple departments and put numerous individuals at risk, as their private information was infiltrated. The number and frequency of these attacks continues to increase leaving us to ponder what more could happen in future situations and what we can learn from this occurrence.
So what do we know about this incident? It is being referred to as a zero-day attack, meaning that there was a flaw which went undetected by the security software providers. This indicates it is a relatively new kind of attack that software providers did not predict, and thus did not program their software to prevent. Consequently, it may be in your company's best interest to invest in new and current software better equipped to detect and thwart such attacks.
The hackers asked for a ransom of approximately 350 euro in bitcoin, much lower than the initial reports of one million euro. This may be an indication that this type of information is becoming increasingly more common to obtain, thus lowering its overall value. While this information will still be sought after, it indicates that hackers are looking for something bigger and better for their next hit.
Lastly, we also know that the attack was initiated through an employee opened email. This is typically how most attacks occur and are certainly preventable. In many cases, these emails resemble legitimate emails from companies; they use logos, similar phrases, and often urgent headlines to catch the reader's attention.
In order to reduce the possibility of ransomware infiltrating your company's files:
- Train your employees what to look for when detecting such emails
- Conduct exercises by sending examples of phishing emails to employees to see if they are able to identify them
- Give your employees friendly reminders to report anything suspicious and encourage that it is better to be safe than sorry
We can all learn from each other s experiences. By analysing the hacker's moves, we are able to infer their next move. Take proactive steps to protect your company and be one step ahead. Learning from each other is an important strategy in the fight against hacking; and participating today can help bring you one step closer to victory tomorrow.