RANSOMWARE ATTACKS COULD HOLD YOUR DATA HOSTAGE ANY TIME

Imagine reading this message: “Your files have been encrypted with the strongest military algorithms… without our special decoder it is impossible to restore the data.”

What would you do? It’s the stuff nightmares are made of.

Back in March, this message was received by the global corporation Norsk Hydro, paralysing its computer networks across 170 different sites in 40 different countries.

The Oslo-based firm is one of the world’s largest producers of aluminium and was forced to halt some production on March 19, switching other units to manual operation after hackers blocked its systems.

The hack cost the company nearly $52M in its first quarter and when the attack happened the entire workforce of 35,000 people had to resort to pen and paper.

Attacks are growing in popularity and sophistication

The attack used a virus known as LockerGoga, a relatively new strain of so-called ransomware, which encrypts computer files and demands payment to unlock them.

Ransomware attacks like this are becoming more popular. In fact, researchers at cyber-security company Malwarebytes say that compared to the same time last year, business detections of ransomware have risen more than 500%.

Not only are attacks becoming more popular but they’re becoming more sophisticated too. Whoever is behind LockerGoga appears to be adding new capabilities to the ransomware, including the ability to manipulate WS2_32.dll. This is a dynamically linked library in Windows that is used to handle network connections as well as the use of undocumented Windows APIs – a kind of sophistication that may eventually lead to the ability to install command-and-control capabilities.

Why companies shouldn’t pay ransoms

Paying ransoms fuels hackers on a global basis and often leads to more organised crime and hackers’ demands, usually an exchange of untraceable Bitcoin, are increasing.

Although Norsk Hydro are down a huge amount of money, they are holding fast and haven’t responded or even asked the hackers how much money it would cost them to gain access back.

Instead, they are being praised for their actions. Law enforcement organisations and the information security industry are calling this response “the gold standard” because not only did they refuse to pay the hackers, but they’ve been completely open and transparent with the outside world about what has happened to them.

Protect your company

The best way to protect your company from ransomware attacks is to be prepared.

As data protection specialists we can advise you on the best ways to protect your company as thoroughly as possible. From compliance audits and gap analysis services to risk assessments and consultancy advice, we’re here to help.

Contact us on 01673 88 55 33 for more information.