David Emm, Principal Security Researcher at Kaspersky Lab, following the recent news which revealed that Lincolnshire County Council suffered a ransomware attack on its systems.
[su_note note_color=”#ffffcc” text_color=”#00000″]David Emm, Principal Security Researcher at Kaspersky Lab:
Recent news revealed that Lincolnshire County Council’s systems were closed down on Tuesday after an email was opened that triggered a ransomware attack. After declaring they would not pay the £350 ransom required to release the encrypted data, the council’s systems were out of action for almost a week. Ransomware attacks have been extremely profitable for cybercriminals over the past few years and are growing – we think they may even out-pace banking Trojans as a way for cybercriminals to make money. These days, the cryptography implemented by ransomware programs that encrypt the victim’s data is extremely secure, meaning there’s little hope of recovering files through a brute-force attack on the encryption itself.
However, despite having their systems down for nearly a week, Lincolnshire County Council was right to stand its ground. Paying the ransom validates the cybercriminals’ business model, leading to the development of more ransomware. It’s also important to remember that once paid, cybercriminals may not provide the decryption key to recover the data. At the very least, paying up should be a decision of last resort, not a routine approach to the problem.
Of course, it is always best to not fall victim in the first place. To avoid succumbing to a ransomware attack, companies should follow strict security policies which include Internet security protection, applying security updates as soon as they become available, user restrictions to prevent them running unknown applications and, perhaps most importantly, employee education. It’s also vital that individuals and businesses backup their data regularly, so that if they do fall victim to a ransomware infection, they don’t lose data. Backups should be made to offline storage, since the data on any storage device connected to the computer at the time of infection will also be encrypted. [/su_note]
[su_box title=”About Kaspersky Lab” style=”noise” box_color=”#336588″]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.