UK-based organisations are getting better at preventing ransomware

The UK is one of the few countries that has seen a year-on-year reduction in ransomware attacks, a new study has found.

According to the 2019 SonicWall Cyber Threat Report, ransomware infections in the UK decreased by 59% in the past year, a stark contrast to the 11% increase globally.

Has the UK learned a lesson?

Several experts believe the UK’s astounding resilience to ransomware is a direct result of 2017’s WannaCry attack. The ransomware tore through organisations across the globe but struck most acutely in the UK – at the NHS in particular.

The attack did little to demonstrate the financial appeal of ransomware for crooks. The incident became so high profile that most organisations learned that it wasn’t worth paying the ransom, and those behind the attack struggled to recoup the money that was paid into their Bitcoin account.

Likewise, the attack didn’t provide an accurate reflection of how incidents normally play out. The malware is usually most successful when it stays under the radar and catches out organisations that lack backup protocols, thereby seemingly forcing them to comply with the blackmailer’s request.

However, WannaCry taught the UK two huge lessons – that ransomware is dangerous and that organisations need to plan for it.

Bill Conner, president and CEO of SonicWall, said that, following WannaCry, “you guys [the UK] were all over [ransomware].”

The attack prompted the UK government, along with the National Cyber Security Centre and UK-based businesses, to confront ransomware head on.

“Most of the vendors in the UK and their customers put solutions in place to protect against multiple family variants of ransomware,” said Conner.

Ransomware solutions

There are two key steps to protecting your organisation from ransomware. First, you should regularly back up your important files. This enables you to delete infected files and restore them from backups.

The process will take a long time – often more than 24 hours – but the loss in productivity will almost certainly be less costly than paying a ransom. Plus, you need to factor in issues other than simply the cost of returning to business. There’s the possibility that crooks won’t keep their word once you’ve paid up. Equally, there’s the risk that complying with their demands will make you a target for future attacks.

It’s therefore always advisable to use backups where possible rather than paying a ransom.

Of course, it’s even better if you don’t get infected at all, and the best way to do that is to boost staff awareness of ransomware. That brings us to the second key step to protecting your organisation.

Most ransomware (and malware generally) is delivered via phishing scams. Cyber criminals plant the malicious code in an attachment and trick employees into downloading it. If you can train your staff to spot a malicious email and report it, you can dramatically reduce the risk of becoming infected.

Get started with staff awareness

Our Phishing and Ransomware – Human patch e-learning course makes staff awareness training simple.

This ten-minute course introduces employees to the threat of phishing and ransomware, and describes the link between the two. Armed with this knowledge, your staff will be able to detect suspicious emails and know how to respond.