The recent WannaCry attack was one of the first highly publicised attacks in which ransomware was weaponized and used against numerous companies at once. It has caused many businesses to wake up to the reality of cyber extortionists.
Ransomware refers to a type of malware that encrypts or otherwise restricts access to a machine or device. As part of the attack, the attacker will demand that the victim pays a ransom to receive the encryption key or otherwise recover access to the compromised machine.
The malware is usually delivered via phising emails (emails that carry malicious attachments or instruct you to click on a URL where malware surreptitiously crawls into your machine) or via malvertising. Malvertising involves compromising an advertiser’s network by embedding malware in ads that get delivered through websites you trust.
4 ways in which a POPI project will help
1. Back it up.
The single biggest risk (and cost) of a ransomware attack is the impact it has on your business continuity. Can your services continue if critical data or machines are being held ransom? Companies may elect not to pay the ransom because they have a sufficient backup of data maintained on offline or cloud-based systems. For example, from a business continuity perspective, there may be no practical difference between a ransomware attack that locks an employee’s company-issued laptop and the physical theft of that laptop. As part of a POPI project, you would have reviewed your company’s business continuity plan and made sure that you catered for this situation.
2. Restricting access.
If you have done work towards becoming POPI compliant you would have implemented proper user access controls and the use of strong passwords. Employees should only have secure access to that data that they need to perform their specific function in the business. Other data should be off limits. Limiting the data and systems that an employee has access to, limits the reach of an attack on that person’s laptop.
3. Have an incident response plan.
Companies must be ready to respond to security breaches swiftly and effectively. During your POPI project, you would implement a data breach detection and response policy and procedure and train your employees. Therefore, you’ll be prepared for an attack and can (calmly) follow the procedure.
4. Mo’ data mo’ problems.
One of POPI’s principles is that only the minimum personal information should be collected and processed – it is referred to as the ‘minimality’ requirement. Companies must not collect Personal Information which is not required for a defined purpose. If your company follows this principle you’ll have less data to backup and to recover.
The good guys.
The “No More Ransom” website (https://www.nomoreransom.org/index.html) is an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre and two cyber security companies – Kaspersky Lab and Intel Security – with the goal to help victims of ransomware retrieve their encrypted data without having to pay the criminals.
Visit their website for tips on how to avoid becoming a victim of ransomware and on decryption keys for some of the most common threats.