The latest high-profile ransomware attack should be an opportunity for data specialists to talk to customers about looking after their information.
For the second time in as many months, a global data attack has hit the headlines and underlined just how vulnerable a lot of customers, across the spectrum, are to ransomware.
Just as people had to get used to talking about WannaCry, now the name Petya will be added to the conversation, with the ransomware managing to hit systems at the Chernobyl nuclear power plant and the advertising giant WPP.
Many firms will be tempted to pay up and shell out some Bitcoins to get their data back, particularly given the low amount of $300 being asked for, but some industry specialists are pointing out that help could be at hand before that move needs to be made.
"There are many cases of ransomware victims paying the ransom demanded and not receiving their data back in return. Rather than running this risk, companies should work with data recovery experts who may be able to regain access to data by reverse engineering the malware," said Phil Bridge, managing director, Western Europe, data & storage technologies, Kroll Ontrack.
Going forward, a smart storage strategy can also help reduce the chances of critical data being left in a position where it can be hit by ransomware, leaving a firm struggling to carry on.
"Organisations and individuals must be familiar with what is stored in backup archives and ensure the most critical data is accessible should ransomware target backups," said Bridge. "Companies should put safeguards in place, so if one device becomes infected with ransomware, it does not permeate throughout the network."
There were also calls for customers to make further investments in protecting their data to try to avoid further incidents.
"If we do not invest in the cybersecurity of our critical infrastructure we will continue to see massive attacks with economic, employee and public safety ramifications. From the government to the boardroom, leaders need to make cyber resiliency a requirement, putting focus and funding behind it. While the perception may be that if we criminalize cyberattacks we will inhibit innovation, the reality is that if we do not treat cybercrime more seriously, attacks like WannaCry and Petya will start to feel even more commonplace than they already do," warned Matt Moynahan, CEO of Forcepoint.
That pressure to spend on better defences is not going to ease off, with ransomware very much the currently favoured attack of the cyber crime community.
"Last year saw a large spike in reported cases of ransomware but in 2017 the number of attacks has quadrupled. 91% of such attacks start with a phishing email, with on average 30% of staff opening phishing emails. These usually occur against large companies but increasingly are targeting SMB businesses in all sectors. The latest attack 'Petrwrap' or 'Petya' is a close relative to 'Wannacry' and affects systems which have not been updated with the Microsoft update 'MS17-010'," said Stephen Burke, CEO of Cyber Risk Aware.
"In order to stay one step ahead, businesses should be regularly assessing staff to see if they open phishing emails. Other measures such as having an incident response plan, patching systems, disabling macros, backing up data and testing restores are equally as important," he added.
The survival guide
Kroll Ontrack has put together some advice to help reduce the risk and minimise the effects of an attack:
• Seek help from a data recovery professional before paying the ransom
• Create and follow a backup and recovery plan
• Be prepared by testing backups regularly
• Implement security policies
• Develop IT policies that limit infections on other network resources
• Conduct user training, so all employees can spot a potential attack