Ransomware is causing havoc in Britain's National Health Service.
Ransomware is a threat that small businesses are regular victims of. Uncontrolled I.T. environments such as untrained staff, poor I.T. management and substandard security procedures make a perfect environment for this type of threat. Ransomware hides itself using social engineering, and once installed slowly encrypts all of your files using enterprise level encryption. Once the damage is done you are prompted with an ultimation – pay a large fee or lose your data forever. To add insult to injury, you seldom receive the decryption key once you have paid the ransom.
Most small businesses have a very loose policy when it comes to I.T. security. Mostly because they trust their staff, and are not concerned with Hackers. Regrettably, ransomware distributors are not your average hackers. Ransomware has no prejudice to whom it attacks. It does not care if it is small business, large enterprise or Grandma's photos. Ransomware is often embedded in greeting cards, software that claims to speed up your computer, or even alleged antivirus software.
So, if small businesses are the regular victims how did the world’s largest National Health Service fall victim 28 times in 1 year?? The answer is unclear and it is unlikely that the NHS will publish any reports that show any incompetence on their part any time soon. However, given that the disclosure highlights it was NHS Trusts that were compromised, it is quite likely that these trusts fall under different I.T. management, thus not benefiting from the enterprise security of the NHS. This however does not alleviate responsibility from the NHS. If the NHS are sharing data, sharing systems, outsourcing contracts to Trusts, those Trusts should be the held to the same standard of security as the rest of the NHS. A chain is only a strong as its weakest link!
Protection against ransomware should be multilayered. Your normal web, email and end point security is a must. Centralized and managed antivirus provides the tools for early detection and removal. Controlling of permissions to data will limit damage from any security breach. Last but certainly not least software restriction policies are sort of a silver bullet to stopping any unwanted code from running on your computer.
Businesses need take responsibility for their I.T. Security. Outsourced I.T. offers a great benefit to building a secure network, but it does not remove the need to know how your business is protected, and what the current threats are.