Understanding Ransomware Attacks

Why and How Organisations are Targeted

The recent significant ransomware attack on the HSE shut down its IT systems and it was a “major incident” for the health service. Organisations like the HSE are very vulnerable to these kind of attacks because there is massive pressure to retrieve the very sensitive and valuable information they hold.

Ransomware is a type of software intentionally designed to cause damage to a computer/network that converts information into a code to prevent access to victims’ files or folders. In order to unlock the files and folders, victims must pay a ransom to their attacker. In certain cases, victims can be locked out of applications and entire IT systems causing a significant disruption to their business or organisation.

A ransomware victim will try to open a file on their computer and they will receive a disturbing pop-up that tells them that their system has been encrypted and locked. Within the pop-up, there will be instructions for paying the ransom and accessing a secret key to decrypt the file. There is usually a countdown timer for making the payment to the attacker.

There are quite a few ways that ransomware can gain access to your computers and systems. However, the most common delivery method is phishing spam i.e. where attachments are sent to the victim’s email, masquerading as a trustworthy document or file. As soon as you click, open, and download a file, the ransomware creates a backdoor to gain control of your computer and files.


Do’s and Don’ts of Ransomware Attacks

Do: Back Up Your Data

First, make sure you back up your data regularly—constantly, and throughout the entire organisation. In a ransomware attack, a criminal gains power when they hold all your information hostage but if you have safe copies of all your old data, this threat can be pointless.

Don’t: Provide Personal Information to Unfamiliar Sources

You should never give your password or login credentials to anyone, especially if that person is not familiar to you or is outside your organisation. Too many ransomware attacks could have been prevented by following this simple rule.

Do: Train Your Employees

Ransomware attacks are often the result of poor IT training and/or bad user habits. Make sure you are familiar with standard best practices in the cybersecurity world, like choosing strong passwords, never giving out passwords to others, and avoiding links and content that appear suspicious or unfamiliar.

Don’t: Let the Attack Get Worse

If you’re in the middle of a ransomware attack, it’s important to mitigate the damage as much as possible. That means disconnecting from the internet entirely and preventing the attack from going further. The more proactive and the faster you are here, the better.

Don’t: Run Backups During an Attack

Similarly, make sure you turn off all automatic backups during an attack, should one occur. Otherwise, you’ll be duplicating the ransomware attack and possibly compromising your backups.


If you have been impacted by this issue you can get further information from the Gardai.


“At the end of the day, the goals are simple: safety and security”. Jodi Rell

Having read this notification let us know if you have any immediate thoughts/comments you would like to share with us. This is a pilot programme so all your thoughts and comments are really welcome, they will help us find the best solution to support digital wellbeing.

    SOURCE :

    Articles related to this topic.