Logicalis are warning Island businesses to back up data regularly and prepare for ‘professional’ ransomware
A ‘professional’ ransomware created in Russia is poised to attack Island businesses, with smaller professional services and retail organisations key targets.
Logicalis is warning businesses to watch out for the Conti virus which has attacked organisations including the Irish Health Service, Fat Face, and the Scottish Environmental Protection Agency.
The ransomware works by quickly encrypting data. The criminals behind it, a hacker-group known as WizardSpider, then use Double Extortion – threatening to expose your encrypted data online if you don’t pay up.
Logicalis has seen a resurgence of Conti around the world with the virus entering systems via links to a Google drive in phishing attacks – emails that looks like they are coming from someone you trust.
Tom Bale, Business Development and Technical Director, Logicalis Channel Islands, told Channel Eye: “The most common form of attack is via a phishing email from an address you may trust. The email contains a link to a Google drive that contains a document with the virus.
“Poorly configured or unpatched firewalls are also being infiltrated. Once you download the malware, Conti encrypts your data. It is highly efficient and can quickly spread to encrypt data in other parts of your network.
“While training and awareness about what emails you are opening, and what links you are clicking is a huge part of good cybersecurity, you need many layers of security to defend your systems against something like this.”
Hackers have demanded a ransom of $20 million from the Irish Health Service this week, forcing Ireland to shut down its hospital IT systems. The hack is the latest in a series of increasingly professional ransomware attacks by global groups. Earlier this month the Colonial Pipeline in the US was closed for several days following an attack by DarkSide, leading to petrol shortages.
Tom said: “As criminal gangs become increasingly professional, every organisation that connects to the internet needs to be aware they could potentially be a target. To protect your assets, you need to work with your cybersecurity provider to test your defences, building up multiple layers of up-to-date defences to mitigate against the numerous cyber risks.
“We all also need to be conscious about regularly backing up our systems and data, storing these backups offline so they inaccessible from our live systems, so we have a way to recover if security is breached.”