Countering ransomware – it’s time to patch the human

Ransomware relies on human fallibility crypto-ransomware, malware that extorts money from victims by encrypting their files and systems until they pay a ransom, has been much in the news since WannaCry hobbled IT systems around the world last month. While much was made of the fact that WannaCry spread through networks by exploiting SMBv1 vulnerabilities in unsupported Windows systems (such as Windows XP, Windows 8 and Windows Server 2003), it is unusual for ransomware to self-replicate in the way WannaCry did.

Often, ransomware, in common with most other forms of malware, is spread by drive-by downloads or phishing campaigns, both of which exploit human error. So, even if you use robust anti-virus and anti-malware solutions, conduct regular penetration tests and ensure you keep your systems up to date and install the latest patches, your system could still be compromised thanks to a careless employee.

According to a 2016 report by SentinelOne:

  • 39% of organisations in the UK were hit by ransomware in the previous year
    • 72% of those infections were attributable to phishing
    • 38% were attributable to drive-by downloads from compromised websites

People are frequently acknowledged as the weakest link in any security system. But with better levels of staff knowledge, companies are more secure as you can, in effect, ‘patch’ your employees. Therefore, a best-practice approach to information security such as an ISO 27001 compliant ISMS (Information Security Management System), follows a holistic approach that addresses people as well as processes and technology.

Amicus ITS takes security seriously.  “We say security is part of our DNA here” advises  JP Norman, Director of Technology, Security & Governance, “and I consistently refer to the importance of “the squishy bits” (ie. the people) in IT management.  You can deploy the best systems and infrastructure money can buy –  but you have to ensure your people are trained too.”

One thought on “Countering ransomware – it’s time to patch the human

  1. Hey Leute…ich suche einen Cinelli &##0r2;Alte2&88221; Vorbau in Schwarz-Gelb.Habt ihr solch einen da? (Größe wäre egal) Oder könnt ihr den irgendwie besorgen?Viele Grüße

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s