PSNI issue ransomware alert to local SMEs

News article

The Police Service of Northern Ireland Cyber Crime Centre is advising businesses to be on the lookout for possible ransomware attacks

Over the past week, the PSNI have been alerted to two local ransomware attacks both of which have resulted in significant impact to the organisations involved.

Majority of ransomware attacks in the headlines involve multinationals such as Travelex, or public sector bodies such as Redcar & Cleveland Council. However, the experience in Northern Ireland and elsewhere across the UK shows that quite often it is small and medium sized business based in local manufacturing or the service sector who can find themselves falling victim to ransomware. Similarly, attackers do not avoid small family firms or charities.

While there is no way to completely protect your organisation against this type of attack, the Cyber Crime Centre suggests that with some defence systems and – crucially - the right back ups, it is possible to increase the chances your organisation will avoid, detect or successfully recover from the impact a ransomware attack.

In their latest update, they have summarised four key tips suggested by the National Cyber Security Centre (NCSC) to help you protect yourself and your organisation from ransomware:

1- Regular backups are essential in terms of mitigating ransomware. Make regular backups, keep at least one copy offline and do not rely on a single cloud syncing service. Remember to test your backups to ensure they are performing correctly.

2 - Prevent malware being delivered to devices. Use email filtering and software tools to reduce the impact of phishing emails and ensure services such as remote access are secured against brute force attack. Use multi-factor authentication (MFA) to ramp up business security.

3 - Prevent malware from running on devices. Ensure end user devices are correctly configured, use the latest OS versions and keep software up to date. Protect against malicious Microsoft Office macros. Promote staff awareness.

4 - Limit the impact and enable rapid response. Segregate obsolete platforms, regularly review permissions and limit the use of administration accounts. Use two-factor authentication (2FA) to protect against compromised accounts.

Read the full NCSC's guidance on mitigating malware and ransomware attacks.

Finally, you can report suspicious emails to the NCSC Suspicious Email Reporting Service -

First published 23 July 2020