Ransomware has been a prominent threat to enterprises, SMBs, and individuals alike since the mid-2000s and by 2016 had grown to such an extent that it reportedly netted a total of £1 billion.
Cyber-criminals today are purposefully targeting the public sector, knowing the value and sensitivity of personal data these organisations hold, as well as their need to recover it quickly. Criminals typically demand that ransoms are paid in crypto-currency, with the amounts demanded ranging from thousands to millions of pounds.
"Ransomware infects a user's device, encrypting data or the system itself. The criminals behind the attack then demand a ransom be paid in exchange for returning access.
Often a user on the network will unwittingly execute the ransomware virus. Staff are fooled into opening malicious email attachments or visiting malicious websites. In 2016, these accounted for 82% of all ransomware infections. While cyber-security solutions are evolving to deal with attacks, cyber-criminals are developing strains to beat anti-virus software and remain undetected in systems for longer before infecting data.
Personally identifiable information (PII) is governed by the General Data Protection Regulation (GDPR) and in the UK the Data Protection Act (DPA) 2018. These laws set out how organisations should protect PII data and also the penalties for failing to do so. Public sector organisations tend to hold large volumes of PII data, particularly in the case of schools and hospitals. Ensuring the data is protected against threats like ransomware is vital.
Are public sector IT chiefs undervaluing the data they hold?
Over 50% of Senior IT Managers in the public sector thought "that data held by my organisation is less valuable than data in a private sector organisation" according to a recent report by the data security research team at Sophos.
While some may hold the opinion that 'business' or private sector information holds a high value, due to the types of PII data that public sector organisations hold, this data is of a higher value and carries a larger threat to individuals should it be lost.
Jonathan Lee, UK Public Sector Relations Director for Sophos, has explained how:
"Sensitive data for up to 66 million UK citizens could become available to the highest bidder on the dark web or among other criminal groups that buy and sells personally identifiable information (PII) like names, addresses, National Insurance numbers, tax returns, confidential medical records, passport details, and more... Cybercriminals can then use this data for spear-phishing, identity theft, breaching networks, or extortion."
To put the scale of this potential breach into context, British Airways was fined a record £183 million in July 2019 after a major data breach compromised around half-a-million individuals.
Under the GDPR, independent regulatory authorities such as the Information Commissioner's Office (ICO) in the UK have the right to penalise organisations up to 4% of global turnover or €20,000,000 for a major data breach.
Protecting sensitive information against threats such as ransomware:
Protecting against the threats of ransomware and other cyber-threats should be a priority for all public sector organisations (and private sector alike). The attacks can cause downtime and disruption, but if highly sensitive information becomes readily available on the dark web, the knock-on effects to private individuals is untold.
There are two main options for recovering from a ransomware attack; pay the ransom, hoping that the perpertrators adhere to their word; or restore systems from a previous backup. However, with ransomware strains evolving to make them more effective, the method of restoring data from a backup can be at risk too. Many variants of ransomware are designed to attack specific file types.
Securely backing up data off-site or at least having a copy away from a primary network adds a layer of resiliency, but backup sets also need to be immediately available if data is to be accessible on demand.
The future of data management. Now:
Redstor is disrupting the world of data management with their pioneering technology, which provides borderless visibility and on-demand access to all your data, wherever it is stored, through a single control centre.
By giving users on-demand access to data utilising InstantData Redstor ensures that critical data can be accessed when it's needed the most, like in the case of a ransomware attack.
Find out how you can trial Redstor's pioneering data management solution, contact a member of our award-winning team today!