Three weeks into 2023, and two already seen two high-profile ransomware attacks have impacted upon leading U.K. businesses. The latest is a cyberattack on Yum Brands (owner of KFC and Pizza Hut). The earlier incident impacted the main postal delivery service – Royal Mail (which despite a name suggesting otherwise, languishes in the private sector).
According to the company: “The company is actively engaged in fully restoring affected systems, which is expected to be largely complete in the coming days. Although data was taken from the company’s network and an investigation is ongoing, at this stage, there is no evidence that customer databases were stolen.”
What interferences can be drawn from these attacks and what do they signal about U.K. corporate preparedness?
In discussion with Digital Journal, Frederik Mennes, Director Product Management & Business Strategy at OneSpan, considers the trends that can be pulled out from these ransomware incidents.
Mennes begins with the evident finding that these recent incidents “shows that ransomware attacks are unfortunately all too common nowadays.”
Looking beyond geographical borders, Mennes assesses that: “The UK is not alone, as the very recent T-Mobile attack in the US and the attacks last year in Australia show. All countries are vulnerable.”
It can also be expected that such incidents will continue. Mennes opines: “As long as companies who fall victim to ransomware attacks actually pay the ransoms, fraudsters will be motivated to conduct more ransomware attacks.”
There are other factors in addition to the money stream for ransomware attacks have seemingly become easier to enact. Here Mennes assesses: “In addition, the availability of ransomware-as-a-service has made it easier for less tech savvy fraudsters to procure ransomware malware rather than developing the malware themselves, which has led to a promulgation of ransomware attacks.”
As to what can be done, Mennes thinks organizations should follow these five steps:
- Perform backups of critical data, and store these backups offline
- Perform regular security patching and software updates of IT systems
- Deploy anti-malware software on servers
- Deploy multi-factor authentication (MFA) for access to IT systems
- Educate personnel about security practices, like the risks of opening e-mail attachments
There is an overarching need to be proactive in order to support the five above precautionary approaches. Mennes sees this as: “Most importantly, we cannot rest on our laurels. These security practices must be continuously innovated so that we stay a step ahead of cyber criminals.”