Back
Ransomware attacks are hitting the same victims multiple times!
17th Feb 2021 In Security By Jack Francis

The UK’s National Cyber Security Center warned of rising cases of ransomware attacks, including victims hit by repeat attacks shortly after paying a ransom.

Earlier this month the NCSC detailed a recent case involving an organisation that paid millions for a decryption key after being hit with ransomware. This sadly wasn't the end as within two weeks the same ransomware group struck again demanding a second payment.

The NCSC stated that the company initially parted with $6.5 million in cryptocurrency to obtain the decryption key. However after this initial attack, the company made no investigation or changes to infrastructure to prevent this kind of attack in the future. This proved to be a fatal mistake when two weeks later the ransomware operator stuck again, the company was forced to pay the ransom for the second time. 

“Less than two weeks later, the same attacker attacked the victim’s network again, using the same mechanism as before, and re-deployed their ransomware, the victim felt they had no other option but to pay the ransom again.”

The NCSC noted that the company prioritized recovering their files to resume normal operations without addressing the real issue which made it much easier for the repeat ransomware attack to be successful. “However, the real problem is that ransomware is often just a visible symptom of a more serious network intrusion that may have persisted for days, and possibly longer,” the agency wrote.

NCSC says that companies should investigate how the attackers managed to compromise the network before restoring their data. While paying the ransom could be the quickest method of resuming operations, total recovery from a ransomware attack is a long process and could take weeks.

So what can we do to stay protected? Preventing ransomware attacks and reducing their impact is the most effective way to prevent disruptions, according to NCSC. Organizations could achieve this by patching vulnerable systems and keeping operating systems updated. Similarly, enabling multi-factor authentication on VPN and RDP services reduces ransomware incidents. Also, ensure your business-critical data is backed up properly could save your organisations millions in exchange for decryption keys and massively reduces your business' downtime in the event of a ransomware attack.

For help securing your organization against the rising ransomware threat get in touch with our expert team today on 01642 248 750.

CONTACT
Head Office

T: 01642 248 750

Contact Us

5 Eggleston Court

Riverside Park, Middlesbrough

TS2 1RU

Opening hours: 08:00 - 18:00

Gateshead Office

T: 0191 7315 750

Contact Us

Building 7, Queens Park, Queensway,

Team Valley, Gateshead,

NE11 0QD

Opening hours: 09:00 - 17:00

Glasgow Office

T: 0141 2551 828

Contact Us

Clyde Offices, 2nd Floor,

48 West George Street, Glasgow,

G2 1BP

Opening hours: 09:00 - 17:00

IT Help Desk

T: 0800 612 5360

Contact Us

Opening hours: 08:00 - 18:00

Report Suspicious Emails

E: report@phishing.gov.uk

SECTORS

ENTERPRISE

SME

HEALTHCARE

EDUCATION

LOCAL GOVERNMENT

CHARITIES

DISCOVER

About

Blog

Careers

FOLLOW
© 2024 ADNS Group
Sitemap Terms & Conditions Privacy Notice
Design & Development by Calm Digital