- Study finds huge surge in so-called ‘ransomware’ attacks on businesses
- Many firms don’t report them and pay hackers to avoid any embarrassment
- Around a quarter of British firms suffered attack in the last year, stats show
British businesses are being plagued by so-called ‘ransomware’ computer hacks mainly emanating from Russia, a new report shows.
More than a quarter of firms in the UK have been targeted in the last year, with nearly half of those paying up to £10,000 to recover hacked files, cyber security company Malwarebytes has found.
Around 10 per cent of firms were deluged with more than 20 attacks in the last 12 months, with the overall cost to the economy estimated at £1billion.
British companies are being forced to hand over thousands to ‘ransomware’ hackers
Marketing firm WPP, which is behind famous campaigns for Chanel and Virgin Atlantic, was among the companies hit by a widespread attack in June this year
Marketing giant WPP, which is behind famous adverts for Chanel and Virgin Atlantic, and shipping firm Maersk are among the famous companies to have been affected.
Ransomware is a type of malicious software that criminals use to attack computer systems, with hackers demanding the victims pay ransom money to access their files or remove harmful programmes.
The new report by Malwarebytes states: ‘Cybercrime has emerged from a nascent threat to an endemic global phenomenon, inflicting vast damage to businesses and individuals.
‘Attacks on businesses are growing. The number of attacks recorded in the first 10 months of 2017 has surpassed the total for all of 2016.
‘The average monthly volume of attacks is up 23%. Businesses underestimate the extent to which they are targeted.
It continued: ‘Ransomware is emerging as the latest tool of choice for cybercriminals. The rate of ransomware attacks, as detected by Malwarebytes, exploded by 289% in 2016.’
In August this year, shipping firm Maersk was hit by attack which cost it up to £200million
Up to three quarters of the attacks come from Russian or Russian-speaking hackers, researchers told The Times.
The scale of the problem was highlighted when the NHS was hit by an so-called WannaCry attack, which affected computers, phones and emergency bleepers in hospitals and GP surgeries
British advertising agency WPP were among a number of companies hit by a widespread global attack in June this year.
It is understood many firms never report the hacks for fears of backlashes from customers.
How to spot a ransomware email
The biggest giveaway of a malware email is that they are sent without being asked for, so it is always best practice to never open an unsolicited attachment.
The subject line of emails in the Scarab attack suggests the image scans they contain were created using printers from a number of reputable firms.
This includes Lexmark, HP, Canon and Epson, giving the scam messages an appearance of legitimacy at first glance.
Malware takes over your computer, threatening to erase files if the ransom isn’t paid
However, there may be spelling mistakes or other grammatical errors that give the game away.
This might be in the subject line, email address or body text of the message.
Archive files, like the 7zip format used in the attack, are also another warning sign of potentially dangerous content.
These types of file can be used to try and bypass detection by anti-virus scans.