Welcome to #WeekendWisdom number 32. This week we’re going to talk about Ransomware incidents … again.
Didn’t you already talk about ransomware incidents?
I previously talked about ransomware back in #WeekendWisdom number 10 but as it’s constantly evolving threat model it’s worthwhile coming back for an update.
Earlier this week the Honda Motor Company has been reportedly affected by a ransomware incident. The Snake ransomware that is in the reports, typically targets industrial control systems. So it would appear that production has been stopped globally for Honda.
Aha, so it’s only after the big boys?
But it’s not just big corporations that get affected by ransomware. The Verizon data breach investigations report from last year showed that of the 32,000 incidents that they investigated, some 1,500 were ransomware related. So small businesses get targeted as well.
So what’s new in the world of ransomware?
While email is one of the popular vectors for ransomware, criminals are now turning to scanning the internet. They look for vulnerable remote access solutions that businesses have put in place as a result of the COVID19 crisis. If they find a weakness in these, they will break into the company’s network. After that they look around, find some juicy data, important, confidential information. They will download it to themselves and then they’ll execute the ransomware.
What happens then?
Then they say to the company, “Now you must pay us to unscramble the data.”
The company says “No thanks. We will restore our backups.”
The criminals will then say “Well OK, we’re going to breach all this data that we stole from you. So give us money still so we won’t breach it.”
So that’s what they’re doing.
What do we do to stop this?
So if you put in place or have in place a remote access solution, have that independently verified and checked to see if it is vulnerable or not and make sure you remediate anything as soon as possible.
So that’s it for this week. Let’s be careful out there and we’ll talk to you again next week.
How can L2 Cyber Security help you?
We offer a full range of training programmes, which can be delivered online or in-person*.
L2 Cyber Security are also a partner of CyberRiskAware for online self-directed Cyber Security Awareness training.
We can also provide assistance on implementing mitigation measures to help protect your business from #Ransomware.
Contact us for more information at info@L2CyberSecurity.com.
*With appropriate social distancing and other health and safety measures adhered to.