‘Prevention over cure’ advised in Irish ransomware war

24 Aug 2016

As the number of ransomware attacks in Ireland continues to rise, industry experts are advising businesses to get ahead of the problem before it arises.

Malwarebytes recently revealed a 259pc increase in ransomware attacks in the business world in the last five months. Some 40pc of enterprises have been hit in the past year, with one-third of attacks successful.

A different report found that, specifically in Ireland, around one-in-five businesses have had to pay out on ransomware attacks in the past year.

That translates to an awful lot of companies paying out to criminals for what is, to a degree, a preventable problem.

Ransomware

An Irish illness

Earlier this year, Ireland was found to be the target for a new, costly piece of ransomware called Nemucod. One of the most malicious found at the moment, it accounts for a high percentage of viruses in many nations across Europe, North America and Asia, but Ireland is one of the most heavily affected.

Now cybersecurity company Espion is advising Irish businesses to pay attention, saying a bit of prevention could be better than the costly cure.

“In many cases, perpetrators of ransomware attacks are brazen criminals who run sleek operations enticing victims to pay the ransom with helpful service staff on hand to support them with the data recovery process,” said Colman Morrissey, MD of the company.

“It is this brashness combined with hyper-innovation in new ransomware variants (most likely funded by proceeds of ransomware attacks) that makes this a crime that organisations simply can’t afford to ignore.

Prevention is key

“With ransomware, we strongly advocate prevention over cure and this requires a commitment to build data resilience.”

Suggesting a full suite of preventative measures, listening to support teams, backing up data, monitoring user privileges and addressing “the human factor” are all advised. “End-user risky behaviour”, as well as general lack of awareness, can prove costly, according to Epsion.

“Creating an effective company-wide information security culture can help organisations manage current user risks,” said Morrissey.

“Often this will require change management and culture shift, which needs to be seen to be supported by senior corporate stakeholders.”

Main mouse image via Shutterstock

Gordon Hunt was a journalist with Silicon Republic

editorial@siliconrepublic.com