Cybersecurity Series: Ransomware
In the wake of WannaCry, ransomware has gone from being a significant threat identified by the cybersecurity community, to a globally recognised problem.
Ransomware typically encrypts data on a user’s device so that they cannot access it (alternately it blocks access to the operating system or the master boot record that allows the operating system to start up). The attackers are using something almost unhackable, which was designed as a security measure, as part of an attack.
In the WannaCry incident, reporting was used to spin political agendas, suggest that hackers had actively targeted the wellbeing of UK citizens and in many cases victim-shame.
The uncomfortable truth of the matter is that the NHS was not specifically targeted and the attacker’s motive was far more likely to have been financial gain than disruption. These weren’t hacktivists, this wasn’t political statement, or terrorism.
The motivation for circulating ransomware is to hold data to ransom – whether it’s family photos or sensitive financial data, the attacker hopes that it is valuable enough to the victim for them to pay for its release... and studies have shown that a surprising number of businesses do pay.
Reducing the threat of ransomware could only occur through a (unlikely) collective decision never to pay. Unfortunately, while there remains an incentive for victims to pay there remains incentive for attackers to create increasingly sophisticated strains of ransomware.
In response to Wannacry, the then Defence Secretary Michael Fallon said that the NHS had been “warned again and again” about needing to improve its cybersecurity. Microsoft released a statement saying that they had provided patches that could have prevented the attack. Some organisations, for a variety of reasons, had been unable to act on cybersecurity advice.
CLICK HERE: In this publication we explore what ransomware is, how an organisation might be susceptible to an incident and what impact this might have on the organisation.
ABOUT OUR CYBERSECURITY SERIES
Clayden Law has teamed up with technical expert, Emma Osborn. and over the next few months we will provide some back-to-basics analysis of the technical, legal and data protection issues surrounding cybersecurity, aimed at organisations’ non-technical decision-makers. Together, we’ll be highlighting key cybersecurity and data privacy fundamentals and looking at the interplay between law and practice in this area. For more information, click here.