There has been a marked increase in the prevalence of ransomware attacks in recent years and the trend looks likely to continue. The results of a PWC survey released in November 2021 reflected that 61% of UK organisations expected to see an increase in reportable ransomware incidents in 2022.
Prominent ransomware attacks in 2021 include those on Acer and the Colonial Pipeline in the US, which was forced to close temporarily in May 2021. The latter incident highlights just how serious the consequences of a ransomware attack can be.
KP Snacks has recently become another victim of a ransomware attack. Hackers threatened to release data from the company’s IT system unless a ransom was paid. The attack caused anticipated shortages of KP Nuts and Hoola Hoops.
KP’s predicament got me thinking about some of the steps that businesses can take if they are unlucky enough to fall victim to a ransomware attack. Those which immediately spring to mind are:
- Don’t pay up! The advice of the UK’s National Cyber Security Centre is that ransomware victims should not pay up because “even if you pay the ransom, there is no guarantee that you will get access to your computer, or your files”. Paying up may also make you more likely to be targeted in the future.
- Alert IT security teams immediately so that they can launch your organisation’s cybersecurity response plan – this will likely include (i) isolating the infected computer(s) and disconnecting them from all network connections, (ii) establishing the scope of the incident, and (iii) restoring data for the latest clean backup.
- Involve your lawyers as soon as possible – doing so can help with insurance and dealing with data subject notifications and correspondence with the Information Commissioner's Office (ICO). They will also be able to assist with issues surrounding privilege.
Preparation really is key. Plan for an attack, even if you think it is unlikely, and make sure everyone in your organisation knows what to do. A thorough cybersecurity response plan is essential. It’s also important to ensure that there are regular and effective backups of critical systems. Also consider the impact that freezing your IT system could have on your business – if you won’t be able to supply your product, for example, do your contracts allow you to suspend performance or will your customers be suing you for breach?