The threat of an impending cyber-attack on the UK should serve as a catalyst for organisations of all sizes to ensure that simple, yet critical, security policies are in place. This is according to Peter Groucutt, managing director of Databarracks. Recently, a report from the National Crime Agency issued a warning to computer users saying a “powerful computer attack” was due to hit the UK, consisting of two types of malicious software – GOZeuS and CryptoLocker.
CryptoLocker in particular has upped the ante of malicious online attacks in 2014, with Databarracks seeing first-hand the devastating impact it can have on a business. Groucutt says that in light of the threats, organisations should be taking precautions to protect their data immediately:
“CryptoLocker is a particularly nasty piece of malware, which can have disastrous effects on an organisation and the data it holds. Staying up to date on what to look out for might sound simple but if you can recognise and avoid suspicious emails, security breaches are prevented. Also, ensure that antivirus software is kept up to date, as failure to do so leaves you vulnerable.
“Communication is essential – ensure you have clear policies in place for risk management and make sure that your teams understand the recommended procedures to follow during a breach. Finally, ensure all your data is backed up regularly.”
Groucutt continued: “The worst thing an organisation can do is not take this threat seriously. It is foolish to think it couldn’t happen to you.
“Recently, we were contacted by one of our customers, Major Players – a specialist recruitment firm in the creative media and marketing space. The nature of their business means email is critical to their day-to-day operations, but despite having robust security measures in place, they were hit by a CryptoLocker attack.
“They were faced with a ransom message listing the affected files and giving a deadline to either pay up or lose them forever. As soon as their head of IT contacted us, we were able to restore all their files immediately and stop the daily scheduled backups from running, to prevent the encrypted files from overwriting the existing backups.
“Major Players were very lucky in this instance but others may not be. The scary truth is that attacks can happen to any business and if the right precautions aren’t taken the effects can be disastrous. Our advice would be to heed the government’s warning now before it’s too late.”