A run of high-profile cyber incidents in the legal sector has once again highlighted the growing vulnerability of the modern connected enterprise to concerted criminal action. How can we best prepare for the particularly insidious attack that is ransomware?
A run of high-profile cyber incidents in the legal sector recently has once again highlighted the indiscriminate and pernicious nature of attacks, and just how vulnerable organisations remain even with what they feel to be significant protections in place. Keeping one step ahead of a clever determined attacker is harder now than ever.
Ransomware continues to disrupt and destroy. Typically an automated-based attack, ransomware works by infiltrating a machine with the purpose of initiating widespread encryption whilst demanding a ransom to release its footing. Important documents, files and areas of the operating system are often locked down, with the private key firmly in the possession of the perpetrator. A warning can also be used such as deleting the filesystem, concurrently displaying a visual countdown timer on the victim’s monitor for them to sweat over. The victim has a key decision to make – pay the ransom in the hope they will unlock their assets or ignore the request and attempt to remove the ransomware themselves and remediate systems in line with disaster recovery planning.
High profile incidents are a timely reminder that you always have to prepare for the worst: there’s a number of practical steps that you can take to mitigate the risk of being the next victim.
• Keep your programs and operating system up-to-date
• Avoid clicking unknown links
• Do not open suspicious email attachments
• Avoid disclosing personal information
• Never use unknown USB sticks
• Use only verified download sources
• Keep your firewall and anti-virus up-to-date
• Use VPN services over public Wi-Fi networks
And if you are unfortunate enough to get hacked? Then take confidence in the fact that there are specialists who can move swiftly to help and can advise on a) how not to make a bad situation worse and b) how to recover assuredly, safely and quickly.
CCL’s Director of Cyber Paula Page leads on cyber investigative response and she can be contacted here