Here are a couple of stories showing that ransomware hits large and small organisations:
The Bromford Housing Association has shut down it’s systems as a precaution because of a cyber attack, but the BBC article says they were “targeted”. I’d quite like to know at this stage why they were targeted and what evidence they had for that? Most attacks, according to government research are targets of opportunity because of mass phishing attacks (UK Government. 2022).
Bromford Housing Association targeted by cyber attack – BBC News
Targeted attacks tend to be organisations of high value, high profile, government offices etc. Here is the high value, high publicity type of attack:
BlackCat ransomware claims attack on European gas pipeline (bleepingcomputer.com)
And just this week a real world example of how combining a number of flaws and vulnerability can get ransomware into your systems:
So what can you do?
Just a quick look at this post can make the problem look enormous, so you need to start somewhere. Here is the first step, I suggest you think about, on your road to better cyber security:
“Start your planning, thinking that you may be a “target of opportunity” and take actions to deal with that problem first.“
Have:
- An incident plan
- A ransomware resilient back-up
- A staff training strategy to spot potential attacks
- Excellent anti-virus and advance threat protection
Then expand your defences from there.
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
References
UK Government. (2022). Cyber Security Breaches Survey 2022. Retrieved July 9, 2022, from https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2022/cyber-security-breaches-survey-2022