At a Glance – Ransomwear

Stand & deliver

There’s more than one way that a cybercriminal can mess with computer systems. Denial of Service, phishing and water holing are just a few of the methods that can cause considerable damage to a company or an individual. The most recent global cybersecurity breach has targeted some of the world’s most influential businesses, including shipping firm Maersk, Ukraine’s national bank, Russia’s largest oil provider Rosneft and Mondelez International, the owner of Cadbury’s. This widespread attack is thought to be the result of a new outbreak of ransomwear. But what exactly is it, and how does it work?

Simply put, ransomwear is malicious software that infects computer systems. It blocks access to data, then demands a payment before returning access to the victim. In May, a serious worldwide ransomwear outbreak called WannaCry encrypted sensitive data and demanded that a $300 ransom be paid via Bitcoin. The malware was able to spread to other computers by exploiting vulnerabilities in Window’s Server Message Block. One of the most notable victims was the UK’s National Health Service. Security experts believe that the current issues experienced by Cadbury’s, Maersk and Rosneft have been caused by Petya ransomwear, which looks like a repeat of the WannaCry incident.

The scope of the WannaCry and Petya ransomwear attacks demonstrates just how serious the malicious software can be. Once data is encrypted, a victim either pays up or loses their files. However, it is possible to prevent these breaches by investing in malware protection, creating secure backups in different locations, running updates and learning how to detect potential attacks. Whilst the situation is by no means hopeless, these recurring problems show that cybersecurity needs to remain a primary boardroom (and everyday) concern.