Businesses warned of new ransomware cyberthreat

Security agencies around the world are warning businesses of a new ransomware group, Interlock, which is targeting organisations in Europe and North America.

Like other ransomware threats, the group will exploit security vulnerabilities to steal data and lock businesses out of their systems before demanding payment, usually in the form of cryptocurrency, to restore access. However, the Interlock group is using more deceptive methods to gain access, such as fake security updates, malicious webpages and other tricks to dupe a member of a business’ workforce into granting access. While so-called ‘double extortion’ methods are widely deployed, Interlock is understood to have refined techniques to increase pressure on businesses to make payments quickly.

In response to the growing threat, the FBI has shared a number of simple steps to help organisations reduce their risk of falling foul of ransomware attacks:

• Keep systems fully updated to close known security gaps.
• Use multi-factor authentication to prevent unauthorised logins.
• Enable web filtering and firewalls to block harmful websites.
• Segment networks so that if one area is compromised, other parts of the business can continue to operate.
• Invest in proactive security tools that detect suspicious behaviour early.

While it is typically large businesses that make headlines when falling victim to a cyberattack, such as recent attacks by hacking groups on the Co-op, Marks & Spencer, and Jaguar Land Rover, businesses of all sizes are being urged to ensure their cybersecurity is kept up to date.

Dave Taylor, Managing Director of Cheadle Hulme-based Amshire IT, warned:

“It is easy to assume ransomware mainly affects large organisations, but smaller and medium sized businesses are often easier targets. Attackers know that many companies in this range do not have the same resources or layered security in place.

“Imagine the impact of suddenly losing access to client information, financial data, or operational systems. Even if recovery is possible, the downtime, data loss, and reputational damage can be severe.”