Welsh firms are increasingly having to submit to cyber ransom demands to keep their businesses up and running, says a South Wales IT expert.
The cost of this form of criminality is estimated to be as high as £27bn in the UK – and this type of crime is on the rise.
Luke Hodge of B2B IT, the Cardiff-based IT firm specialising in dealing with cybercrime, is an expert at helping businesses cope with disaster recovery.
Mr Hodge is a speaker at a cybercrime seminar with leading Welsh lawyers Capital Law later this month. The event, which will be co-presented by Capital Law employment lawyer Alex Christen, will look at the growing threat to small businesses in Wales, and what can be done to prevent it.
All too often, says Mr Hodge, firms and organisations believe they have adequate protection in place.
“Sadly, that’s just not true for many,” he said. “They are having to pay ransoms running into thousands of pounds, finding some of their staff are distraught after the attack and losing valuable business time before they can get their IT systems back up and running again.”
Mr Hodge explained that companies are subject to cybercrime attacks by ransomware despite having antivirus and antispam software in place.
“Malware protection is the only way to give any level of protection; traditional forms like antivirus just don’t keep up.”
The expert gave three anonymous examples of firms in Wales which have fallen victim to cyber criminality.
Case Study 1: A manufacturing firm with around 70 computer users paid a ransom demand of £3,500 (demands are always in bitcoins, making them untraceable). An employee clicked on an email attachment infected with ransomware, and it encrypted all data that the worker could see, both on their local computer and on the network. At the end of the encryption process (which is done without the user’s knowledge) the ransom demand popped up. Although the firm had backups from the previous day, it was felt that paying the ransom demand was a cheaper option than losing a day of work.
Case Study 2: A charity with around 40 users was subjected to a cybercrime attack when a director clicked on an email attachment, again containing ransomware. Because the director had insisted on having access to all data held in the charity, the ransomware was able to encrypt all data, bringing down multiple servers across several sites. The ransomware also uninstalled backup software on the servers and deleted the most recent backups, resulting in about two days of business downtime for the charity. The ransom demand was about £1,500. The charity was able to restore from backups taken a few days before, but the attack meant some data was lost.
Case Study 3: A staff member at a medical company with around 15 users clicked on a ransomware attachment in an email, and around 10% of data held by the business was encrypted. The employee involved was distraught and the ransom was around £800. The business paid the ransom as the affected data had not been backed up. The firm recovered around 90% of the lost data.
The message of the seminar at Capital Law, Tyndall Street in Cardiff on 29 March, 2017 is that staff can be the biggest allies in defending against cyber crime.
Aimed at directors and business leaders who hire IT professionals, the seminar will unpack the evolving cyber threats landscape, set out how to work in collaboration with staff to ensure firms are best protected, and also explain the employer’s duty of care towards staff when an attack happens and what to do next.
The speakers will also outline the recovery process from a data and people perspective and issue guidelines on how to protect your business.
Alex Christen, an employment lawyer with Capital Law who will also host the seminar, said:
“It’s important that staff are trained on cyber security and are aware of the threats ransom demands can place on a business. The intricacies of the cyber world are often outside an employee’s day-to-day remit. Innocently clicking on a link in what appears to be a legitimate email is understandable in the absence of clear guidance from the employer.
“The session will not only cover the importance of raising awareness of cyber security and training staff on what to look out for, but it will also cover how to react when one of your employees places you at risk of a ransom demand.
“Whilst we cannot ignore the added threat of an employee knowingly assisting a cyber attack, businesses should not underestimate the benefits of a collaborative approach to reducing the threat of ransom demands.”