Businesses must be aware of the risk posed by hackers
The internet has created a criminal ecosystem that supports the development, deployment and financial mechanisms to maintain malware as a profitable industry.
The popularity of electronic currencies, such as Bitcoin, has grown significantly and the existence of these anonymised mechanisms plays into the hands of criminals and provides a more direct method of monetising their activities.
Last week this crypto-warfare struck at the heart of Britain's healthcare system with little regard for the consequences to the ultimate victims, the ill and frail. Ransomware has evolved into one of the biggest threats to cyber security. From the criminal's perspective, the internet is an enormous gift.
In the latest case, it was an unpatched vulnerability where it went wrong. Software systems are complex, and occasionally a weakness is unwittingly released by companies. These software firms continue to check for these bugs long after the initial release. In this case, Microsoft found a weakness and created a fix for the bug (known as a patch) in March. For most domestic users these patches are automatically picked up and implemented.
Unfortunately, in larger companies, there are lengthy processes in place to validate the fix before implementing. This delay creates a window of opportunity for criminals to gain access. The criminals have developed specific software programs known as exploit kits that scan computers for vulnerabilities and exploit them.
The encryption algorithms used to lock the data are unbreakable so it is important for businesses to take steps to prevent an initial attack and they have a process in place where they can recover access if a computer is attacked.