RS – Ross Saunders, Director: Global Technology Services at Cura Software Solutions
What is ransomware?
RS: Ransomware is a piece of malicious software, similar to a virus, which holds your data hostage by means of encryption or data theft. It is normally delivered by means of a Trojan, a piece of software often disguised as a day-to-day email attachment or legitimate application. This then results in your data being unusable or leaked out to the public if you don’t pay a ransom to the attacker.
My SME has been hit with a ransomware attack, what are my options?
RS: Your best approach is to clean the ransomware and restore from an offline backup. Alternatively, you can look at paying the ransom, after which there may be no guarantee that your data would be decrypted successfully or kept private, and you’re still putting money in the hands of criminals. If you have the budget, data forensics may be able to restore previously deleted files, but again there are no guarantees, and it may end up more expensive than the ransom. Prevention is far easier than the cure in a ransomware attack.
What happens if you don’t pay?
RS: In the case where your data has been encrypted, you won’t be able to recover your data. Years ago, ransomware was simpler and there was a chance that you could recover the keys, but with modern complexity it is unlikely. If your data has been stolen with the threat of it being leaked out, you may find that that is what happens.
Why has ransomware continued to be such a major threat?
RS: It continually evolves and is quite lucrative, with attackers receiving money in the shape of cryptocurrency or other difficult-to-trace methods from desperate victims.
What’s the most important aspects SMEs should be focusing on to meaningfully reduce their risk?
RS: Meaningful reduction of risk can come from something as simple as avoiding risk management being a “tick box” exercise. Using a tool such as Cura’s SaaS “Risk Lite” solution instead of a spreadsheet – which does not contain any built-in accountability – allows SMEs to manage the risk and enforce the process and accountability, without it becoming a burden.
Some ways to keep the risk process effective are:
- Keeping the risk processes simple to start with.
- Ensuring risks within the organisations are correctly understood.
- An example of a common mistake is assessing causes as risks, which can lead to an unnecessary amount of data. A correctly structured risk framework will prevent this.
- Creating accountability and awareness.
- Ensuring risks are monitored and controls enforced.
- Avoid the masses of spreadsheets
- Look at the positive side of risks (we are managing the risk arising from opportunities that the company has).
How do you anticipate ransomware attacks evolving over the next 12 months?
RS: The Internet of Things (IoT), and other devices connected to the Internet are vulnerable to external influence. With this in mind and with ransomware becoming more complex, we may see ransomware affecting more than just our computers. A UK-based security firm has already demonstrated that a bug in a commercially available “smart thermostat”, could be exploited to give control of your office temperature to a remote user, only to be released on payment.
What impact has the ratings downgrade/recession had on risk management?
RS: Business Risks (Enterprise Risk), for example “supplier failure” and “client non-payments” are more likely to occur in tougher economic times. Companies that are more risk aware, should be conscious of what business continuity plans they have in place should these risks materialise.
Original post: http://www.smetechguru.co.za/q-ransomware-ross-saunders/