#RansomAware

A movement to stop cyber shaming, share intelligence and fight back against the onslaught of ransomware attacks.

 

The #RansomAware Movement

#RansomAware is a movement to encourage organisations to share experiences, exchange ideas and pool intelligence on ransomware attacks, even if this must be done anonymously.

We believe we are stronger together. That’s why we’re forming a coalition of businesses, industry bodies, academia, government, influencers and media to stop cyber shaming, share intelligence and fight back against the onslaught of ransomware attacks. Information sharing is the only way to get ahead of the cybercriminals. They collaborate to make their attacks more successful, so we must collaborate to make our defences stronger.

 
Need help?

If you have suffered a ransomware attack or need complimentary advice on how to mitigate the risk of an attack, please complete this form and one of our experts will be in touch.

Stronger together

We cannot win the war on cyber crime if we stand alone.  We must form a community of cyber security experts, businesses, academia and government to share experiences, exchange ideas and pool intelligence.  These are the founding coalition members of #RansomAware.

  • Talion
  • BAE Systems
  • Siemplify

Resources

Here you'll find useful resources created by the coalition members and friends of #RansomAware

Talion

Top 5 Ransomware Strains of 2021

Find out which ransomware gangs have been most prolific in 2021

Top 8 Ransomware Mitigation Tactics

Recommendations to help reduce the risk of falling victim to a ransomware attack

National Cyber Security Centre

What board members should know and what they should be asking their technical experts

To pay or not to pay

Flavia Kenyon outlines the increasing threat of ransomware cyber attacks on big business

Every breath you take, every move you make

Flavia Kenyon discusses the dangers of cyber espionage & global insecurity

A Ransomware Pandemic

Natalie Page, Threat Intelligence Analyst at Talion, discusses why we've seen such a massive rise in ransomware and what it means for businesses

National Cyber Security Centre

A new framework published by the Ransomware Task Force highlights the power of collaboration to address widespread cyber threats

Forrester's List of Ransomware Resources

With ransomware continuing as a high-impact problem (with seemingly no end in sight), Forrester kindly put together some useful ransomware resources for security practitioners

Ransomware is the biggest cyber security threat we face today

  • Damage: $20Bn. Global ransomware damages are set to reach $20 billion in 2021
  • Fooled: 92% of organisations who paid a ransom in the past 12 months did not get all of their data back
  • Every 11 sec a ransomware attack occurs

Our Top Tips
 
How to stay protected, where to report an attack, and whether you should pay.
 
How can I stay protected?

Here are my top tips to avoid being the victim of a ransomware attack:

  • Prioritise remote working security – Organisations can begin with some very simple steps, such as using strong passwords and two-factor authentication across the network, and making sure the organisation runs the latest versions of its operating systems and software by patching promptly.
  • User education – Run regular training that teaches employees how to recognise social engineering techniques, and expose your users to planned phishing email tests.
  • Prioritise patching – As mentioned above, patching will improve remote working security and reduce the potential for attackers to use known exploits to infiltrate your systems.
  • Regular password updates – To prevent attackers from taking over an employee account to access your network, require users to update their passwords regularly, and stress the importance of not reusing or duplicating personal passwords on your systems.
  • Finally, keep up to date with the latest tactics, techniques and procedures being used by attackers. At Talion we monitor threats and alert our clients as they emerge, advocating effective, timely procedures to defend their estate.

Where do I report a ransomware attack?

Action Fraud is the UK’s national reporting centre for fraud and cybercrime. They take reports on behalf of the police and every report they receive helps to build a clear picture of fraud and cybercrime, making the UK a more hostile place for criminals to operate in.

For more information or to report a Ransomware attack visit: Action Fraud

If you are a business and you suffer a cyber attack or a related cyber security incident, you might need to report it to the Information Commissioner’s Office (ICO). Under the General Data Protection Regulation (GDPR) rules, from the 25th May 2018 it has been mandatory that you also report data breaches to the ICO within 72 hours.

Click here for information on how and when to report a cybersecurity incident to the ICO.

You can also report a Ransomware attack to the National Cyber Security Centre (NCSC).

All submissions are useful and will aid the NCSC. If you are alerting the NCSC for information or because you require technical assistance, please visit Reporting a cyber security incident (ncsc.gov.uk).

Reporting an incident to the NCSC does not fulfil any legal or regulatory incident reporting requirement.

Should I pay the ransom?

More than half (56%) of ransomware victims paid the ransom to restore access to their data last year, according to a global study of 15,000 consumers conducted by security company Kaspersky. However, as recently reported by Forbes, research shows that 92% of organisations do not get all of their data back after paying the ransom.

The FBI’s official statement on ransomware advises victims not to pay the ransom. There is no guarantee that the hackers will restore your information. Worse, it could put a target on your back if your business is seen as unprepared to handle cyber attacks and willing to pay the ransom.

The National Cyber Security Centre (NCSC) make the following recommendations:

Law enforcement do not encourage, endorse, nor condone the payment of ransom demands. If you do pay the ransom:

  • there is no guarantee that you will get access to your data or computer
  • your computer will still be infected
  • you will be paying criminal groups
  • you’re more likely to be targeted in the future

Attackers will also threaten to publish data if payment is not made. To counter this, organisations should take measures to minimise the impact of data exfiltration. The NCSC’s guidance on Protecting bulk personal data and the Logging and protective monitoring guidance can help with this.

Quick Facts

These statistics demonstrate that not only is ransomware a fact of life, but that anyone can fall victim to it.

Cyber criminals are netting millions

The latest forecasts expect global ransomware damages to reach $20 billion in 2021, which is 57 times more than in 2015.

Ransomware is Big Business

The Ryuk ransomware is responsible for the large rise in ransomware payment costs. Ryuk demands $288,000 per incident, on average, compared to around $10,000 demanded by other ransomware.

Payments are on the up!

CNA Financial Corp., among the largest insurance companies in the U.S., is believed to have paid $40 million in late March 2021 to regain control of its network after a ransomware attack.

Employees are vulnerable

Researchers found that nearly half (47%) of attacks seen in 2020 took advantage of employees working from home and used Remote Desktop Protocol (RDP).

Here you can anonymously submit details of a ransomware attack. This information will be used for research purposes only.









    Join the #RansomAware Movement
    Add the logo to your website or use it on social media to help spread the word. To become a coalition member please contact: Amy Perez, Marketing Director, Talion aperez@talion.net