Ransomware - Britains 'biggest peril'

Ransomware - Britains 'biggest peril'

Posted 12 October, 2021 at 14:05

Author Kevin Hawkins on behalf of H2 Cyber Risk Advisory Services Ltd


Ransomware is being reported as Britains ‘biggest peril’.  Now you might not agree with that, given all that’s going on at the moment, but in Cyber security terms, and in Cyber crime terms, then it is certainly up there with the best of them.  I therefore thought it was worse republishing an article I wrote some time ago.

REvil, Wizard Spider, Grief, Ragnar, they sound like they should be in a Marvel comic.  But there’s nothing funny about these guys.  Operating in countries that do not cooperate with international law agencies and not caring who they attack, including health care organisations, Ransomware gangs are on the increase.

Ransom money in the millions has been paid by some very respectable companies, in order to recover access to their data and keep their companies going.  A quick trawl of the internet produces results that how diverse ransomware targets are.  Whilst the largest target area appears to be the US, the UK targets have included Amey, Hackney Council, Wentworth Golf and Country Club, Scottish Environment Protection Agency, UK Research and Innovation and last month, Serco.  (Source Blackfrog).

The way it works remains relatively the same, regardless of the method used.  Criminal gangs hack into connected IT systems, lock access to them, and then sell a decryption key in exchange for payment in bitcoin.  They have targeted schools, hospitals (you may remember the well reported attack on the NHS a couple of years ago), councils, airports, government bodies (local and central), insurance companies, this list is far from exhaustive.

Anyone who is connected to the internet, is vulnerable to a Ransomware attack.  An emerging sweet spot though, is mid-sized companies that generate enough revenue to make them a target, but aren’t yet large enough to have dedicated cybersecurity resources on board.

Make no mistake, these hackers operate as organised gangs who compartmentalise themselves into specialties.  Some specialise in identifying compromised systems and gaining access, whilst others handle the ransom negotiations.  These hackers operate as organised gangs: some members specialise in identifying compromised systems and gaining access, while others handle the ransom negotiations. It is not uncommon for an investigation to see cryptocurrency transferred into many different cyberwallets).  These gangs to have a ‘signature’ which is often recognizable.  REvil and Psya have flair whilst Ryuk are somewhat robotic in their approach.

A worrying trend is that recently, these gangs have pivoted into extorting individuals.  If victims don’t pay, their data is dumped online, or sold on the dark web to the highest bidder, and of course, there is no way of ensuring that the data isn’t sold anyway, regardless of the victim paying up.

Of course, most people don’t have incriminating or embarrassing data on their private systems, but some do, particularly important people in the public eye for whom data release can be at least damaging, if not crippling.  According to a report from cybersecurity software firm Bitdefender, attacks increased by 485% in 2020 alone. “It’s taken off since Covid because we have more people working from home,” says Sophia, a crisis communications expert who specialises in advising companies who have been targeted by ransomware hackers. Poorly secured remote access logins are a common route in. “More of a digital environment leads to more points of entry for the attackers,” she says. “The last year and a half has been a whole new ballgame.”

So, if you are running a medium size business, or perhaps running a local organisation using your own home systems where you have personal data belonging to others which you are obliged to protect under the DPA2018/GDPR, then you are a target and you need to take some precautions against an attack of this nature.  If you want to know more please don’t hesitate to contact us for a chat.  We specialise in looking after SMEs and understand your challenges.

For more information, contact Kevin Hawkins of H2 Cyber Risk Advisory Services:

T: 0845 5443742

M: 07702 019060

E: kevin_hawkins@hah2.co.uk

More from H2 Cyber Risk Advisory Services Ltd

The Cyber Security Challenges Facing SMEs
Article

The Cyber Security Challenges Facing SMEs

21 October 2021
Cyber Security and Issues Affective SMEs
Article

Cyber Security and Issues Affective SMEs

07 October 2021
What is Protective Monitoring and how can it help me?
Article

What is Protective Monitoring and how can it help me?

30 September 2021
Cyber Security Threats to Small to Medium Businesses
Event & Invitation

Cyber Security Threats to Small to Medium Businesses

23 September 2021
Card image cap
user

H2 Cyber Risk Advisory Services Ltd

SME

Profile Feed
Established in 2016, H2 Cyber Risk Advisory Services is a specialist cyber security and data protection company that focuses on providing innovative and robust security solutions to the UK SME sector. Its founders, Kevin Hawkins and Bob Hay, are amongst the best qualified and most experienced...

15

Press Releases