What is ransomware?

Shocked female discovering a ransomware attack on her business

Of all the cybersecurity threats we cover, ransomware is by far the most high-profile. It often seems as though barely a week passes without another story in the news about the latest blue-chip victim.  

It’s not hard to see why the media devotes so much coverage to ransomware. It’s a rapidly growing threat. It usually includes a note of suspense as we all wonder whether the victim will pay the ransom. And, it’s claimed some of the biggest companies on the planet as its victims.

But beyond the media headlines, ransomware is poorly understood. How does it work? Why is it so hard to stop? And, more importantly, what can you do to protect your business? 

How does ransomware work? 

Most ransomware uses a special kind of encryption, called ‘asymmetric encryption’. That might sound complex, but it’s actually very simple. Like standard encryption, it uses a pair of keys to encrypt and decrypt a file. However, unlike standard encryption, the attacker is the only person with access to the key to decrypt the file. It’s this key that cybercriminal uses to hold the victim’s files for ransom. 

Or, to put it in simple terms, it’s a bit like leaving the office to find your car has been clamped and a ticket attached to the windscreen with a demand to pay £250 to have it freed. Unfortunately, that’s where the similarities end. While you might be able to remove a clamp with the help of a mechanic, it’s virtually impossible to decrypt an encrypted file without a key. 

And it’s for this reason that in most successful ransomware attacks the victim is forced to quietly pay up to get their files back. 

How does ransomware get in? 

Much like its cousin malware, ransomware comes in many forms and can enter your system in a variety of ways. However, the most common route is through email spam campaigns or through a carefully targeted attack – think March’s attack on Acer or the infamous attack on the NHS in 2017. 

Once it’s in, the ransomware drops off its malicious cargo and then searches for valuable files to encrypt. ‘Valuable’ files are usually things like Word documents, spreadsheets, images and databases. Ransomware can also exploit any system or network vulnerabilities you have and spread across your organisation and into your supply chain

Why is ransomware so hard to stop? 

If it poses such a huge threat, then why does ransomware continue to grow more common and payouts keep climbing? Surely someone has come up with a way to fight it? 

Unfortunately, ransomware is very tricky to counter for a few reasons.

Easy to set up

Cybercriminals no longer need to be coding wizards to launch a ransomware attack. Malware marketplaces have sprung up in the shadier corners of the internet, meaning would-be crooks can essentially order ransomware on-demand. Often all its creator will ask for in return is a share in the profits. 

Most people pay up

The success of ransomware rests on the same principle as any other type of ransom. Generally, if something is valuable to someone and they risk losing it forever, they’ll pay whatever is necessary to get it back.

Cybercriminals know this, it’s what makes ransomware such a lucrative scheme. 

It’s hard to track the perpetrators down 

Remember the old adage ‘follow the money?’ Sadly, it’s nonsense when it comes to ransomware. Most cybercrime is paid for using cryptocurrency and planned in the darkest reaches of the internet, making it very hard to track.

There are endless targets 

Wherever you are in the world, cybersecurity knowledge is low. It’s low among business leaders. It’s low among staff. And it’s low among the general public. This means potentially endless targets for cybercriminals.

As we mentioned earlier, ransomware typically enters organisations through pretty unsophisticated methods. However, ransomware doesn’t need to be sophisticated when so few of us understand what an attack looks like. 

How do you protect your business? 

We’ve painted a pretty bleak picture so far, but don’t despair. There’s plenty you can do to protect your business against ransomware. 

Training, training, training 

According to research, 95% of cybersecurity breaches begin with human error. This is especially true when it comes to ransomware, with most attacks starting through a dodgy email being opened or malicious file downloaded. 

But before we rush to condemn human failings, it’s worth asking whether your people have been trained to spot threats. After all, if your employees have no idea what a ransomware attack looks like, they’re far less likely to take the right action to protect themselves or your business. 

The best way to beat this is through training. Training can help your people better recognise and understand the threats they face. And, more importantly, learn how to counter them. 

The kind of training you need will be highly dependent on your business and the existing knowledge of your staff. But a great place to start is by reading our blog on all things cybersecurity training. 

Backup your data

As we mentioned earlier, most victims end up paying out to ransomers but there’s a very simple way to avoid this. Always backup critical files and data, preferably in the cloud or on an external hard drive. That way, if you do get attacked, you can wipe your device(s) and reinstall everything from backup. 

This won’t completely remove the threat of ransomware, but it will remove the need to pay your attacker to get your files back.

Patch your software

Updating software is a hassle, we get it. There never seems to be a convenient time to reboot your device and the endless passive-aggressive reminders from your operating system can get very grating. 

However, it is important, particularly when it comes to protecting yourself against ransomware. Even the best software develops vulnerabilities over time. It could be that the software was built with vulnerabilities that weren’t anticipated at the time or it might be that a new cyber threat has emerged. Whatever the reason, software developers get around the problem by releasing security patches.

These updates fix the ‘holes’ in your software that can be exploited by ransomware. Without them, you risk giving cybercriminals a back door into your systems and data.

But the good news is all you have to do is regularly update any software or tools you use. It shouldn’t take more than a few minutes each week and it’s by far the most effective (and simple) way to protect yourself. 

Read more about the importance of patching here.  

Stick to secure networks 

Whether it’s at your favourite local coffee spot or on the train to that important client meeting, using public Wi-Fi networks is a bad idea. Most public networks have poor or non-existent security and are the perfect place for cybercriminals to snoop on your internet usage and launch attacks. 

If you need to connect to a public network for any reason, use a Virtual Private Network (VPN). A VPN allows you to connect to business systems securely and browse the internet safely, wherever you are. For everything you need to know about VPNs, check out our blog on the subject

Put security policies in place

It’s one thing to improve staff awareness of the threats posed by ransomware, quite another to ensure everyone is following security best practices. This is where a clear, easy-to-understand cybersecurity policy can work wonders. 

A well-crafted policy will help your people understand what they should and shouldn’t do and help them make the right decisions when faced with threats like ransomware. 

Stay informed

Last, try and keep an eye on the latest ransomware threats. To be clear, we’re not suggesting you become a cybersecurity expert overnight (unless you want to). However, having even a basic knowledge of what ransomware looks like can help prevent the worst. 

Is your business working remotely or considering making the switch? Don’t do anything without reading our guide to cybersecurity in a new era of work.

Remote working CTA

Does 5G pose a cybersecurity threat to SMEs?

5G cybersecurity

The fifth generation of wireless technology, or 5G, promises many things. But beyond grandiose pledges of hyper-connected living, truly scalable virtual reality, and a new golden age for business, 5G’s rollout has been far from smooth.

Unless you’ve (wisely) been consciously ignoring the news, it’s hard to miss the furore surrounding 5G. First, came British 5G towers being pulled down and set on fire due to COVID-19 conspiracy theories. Next, the UK’s decision to ban Chinese firm Huawei from its 5G network. Then, a backlash from environmental activists lamenting 5G’s potential footprint. 

But away from the big headline stories, there’s another side to 5G. It’s a potential gamechanger for small businesses. 

What benefits does 5G offer to small businesses? 

5G provides a host of benefits to small businesses, ranging from the simple to the fantastical. 


5G networks are engineered to be fast. Really fast. The most transformative part of 5G is its ability to reduce the time (or ‘latency’ if you prefer the techy term) it takes for data to get from one point to another. 5G promises speeds up to seven times faster than the fastest 4G browsing experience. 

For small businesses, this could improve everything from communication with customers to remote working to video conferencing. 

Smart offices

The term ‘smart office’ was all the rage a couple of years ago. We were promised a world of self-booking meeting rooms, automated energy controls and desk-monitoring software. The theory went that this would usher in a new era of happy, engaged employees, optimised office spaces,  and reduced real estate costs. 

However, at the time, the technology to truly automate the office environment wasn’t quite there. With 5G, that’s all about to change. The availability of superfast internet could finally make smart offices available, for very little cost, even to small businesses. 

Looking to improve cybersecurity in your business? Start by getting Cyber Essentials certified. 

Real-time communication

5G’s low latency could transform the way businesses communicate. Imagine a world in which your interactions with customers, staff and employees took place instantly, wherever they are in the world. 

No more waiting for emails to come through. Files uploaded to shared drives in seconds. And, video conferencing that doesn’t freeze every five minutes. That’s the future 5G promises. 

Remote working 

Unless you live in Sweden or have been extremely lucky, chances are you’re reading this at home. Most businesses have had to learn how to work remotely in the last six months. And, for the most part, we’ve all adapted well. 

However, we’re all familiar with the problems working from home presents. How well you’re able to work remotely largely depends on the quality of your internet connection. The additional capacity and speeds 5G offers could change this. Instead of playing the postcode lottery, employees will be able to access high speeds and low latency in even the worst internet black spots. 


The internet of things (IoT) is another term you’ll have heard a lot in the last few years. But beyond many of us using voice-controlled devices in our homes, it’s yet to really take off. 

5G’s improved connectivity will allow businesses to link up everything from printers and smartphones to office monitoring software.

The bottom line

In short, 5G will make small businesses more efficient, extending their ability to do more with fewer resources and in less time. And this won’t just save costs, it’ll also improve customer experience and boost revenue as a result. 

What risks does bring 5G bring for SMEs? 

Unfortunately, the benefits of 5G apply to cybercriminals as much as they do businesses. 

More attacks 

Although stronger, faster connections are a boon for small businesses, the same is true for cybercriminals. As businesses use 5G as a platform to innovate, so will the bad guys. 5G provides a better tool to launch sophisticated cyberattacks faster, more efficiently, and in greater numbers. 

More opportunities for cybercriminals 

5G enables greater use of IoT devices. And this will have huge benefits for small businesses.

Gartner predicts that there will be 20.4 billion IoT devices in use globally by the end of this year – just in time for the widespread launch of 5G. 

However, with more connected devices, comes more opportunities for the bad guys to break in. It only takes one poorly secured device for cybercriminals to find their way in. And, while it’s always been the case that one weak link is enough, IoT devices increase the risk simply because there are so many of them.

Decentralisation could lead to disruption 

This risk is a little more complex, so bear with us while we run through a short history lesson on network security. 

Traditionally, networks were hub and spoke designs. Essentially, everything flowing through a network eventually came back to the central hub, usually a data centre. This made practising good cyber hygiene pretty simple, as you could protect everything from this central point.

With 5G, these ‘hubs’ are decentralised to a web of digital routers throughout the network. This means that there isn’t a central point where everything can be checked and cybersecurity protocols put in place. Instead, this needs to be done throughout the network, upping the chances security will be overlooked and cybercriminals given a route in. 

What should you do to protect your business? 

Although some of the risks we’ve outlined above are the responsibility of internet service providers, you should never rely on secondhand security alone. There are plenty of things you can do to ensure your business reaps the rewards of switching to 5G, without exposing it to greater risks. 

Check the right security is in place 

Run regular checks to ensure every device used in your business is equipped with the best security capabilities. This includes any IoT devices you’re using such as voice assistants or smart printers. Tools like CyberSmart Active Protect can help automate this process, by running a scan of all devices every 15 mins. 

Make sure software is up to date

No one likes running software or operating system updates, but it is important. Often software providers will include patches to fix known vulnerabilities in updates, protecting you against new cyber threats. Ensure all software is configured to update automatically across all company devices or perform regular checks. 

Get Cyber Essentials certified 

According to a report from Lancaster University, the measures laid out by the UK government’s Cyber Essentials (CE) scheme can mitigate 98.5% of cybersecurity risks. If you’re not already CE certified, following the process will help you build a great base level of security before you make the jump to 5G. 

Maintain good password hygiene

We say it a lot, but setting up a password policy and ensuring everyone follows is a vital step. Always use complex passwords, change them regularly, and set up two-factor authentication, 

Clear security policies 

If you don’t have a security policy in place for 5G and the use of IoT, now’s the time. But it’s not enough just to have a security policy in place, your people also need to understand it. Check all security policies for workers are clear, easy to follow and stored in a central location everyone can access. 

5G is here. In less than four years time one billion devices will rely on it, and your business will very likely contain some of them. Of course, this brings risks. But the bad shouldn’t outweigh the good. By adopting a policy for 5G early and establishing simple, but effective security protocols you can make sure your business is primed to ride the next great wave of connectivity. 

Looking to improve your cybersecurity but not sure where to begin? Start by getting certified in Cyber Essentials, the UK government scheme that covers all the fundamentals of cyber hygiene.

CTA button

How to shift to working from home permanently without compromising your cybersecurity

Coronavirus has the potential to change the world of work forever.

Unless you’ve spent the last few months consciously avoiding the media, chances are you’ve read that sentence a lot. From morning talk shows to breathless newspaper op-eds, it feels like everyone is talking about the society-wide shift to working from home.

But what started as a necessary evil that many businesses adopted reluctantly has turned into something else. First came announcements from Twitter and Facebook that employees would be allowed to ‘work from home forever’ if they chose. This was followed by a host of other businesses including Google, Amazon, JPMorgan, Captial One, Slack, Salesforce, Microsoft and PayPal extending their work-from-home options.

Why is this happening?

Well, it’s actually very simple. An increasing number of businesses are seeing the real benefits of a more permanent shift to remote working.

Why rent office space for 300 people when you could use a smaller venue for essential meetings at half the cost? Why insist staff make long commutes into the office, when they’re happier and more productive working from home? 

For many organisations, the COVID-19 pandemic has turned these questions from water cooler conversations into key pillars of business strategy. 

If your business is considering making the switch to permanent remote working, are you prepared for the risks you should be aware of? And, how can you overcome them and ensure your people are working safely? 

What risks does working from home present? 

While switching to remote working offers benefits in productivity and real estate savings, it also comes with some risks. Here are a few of the most common. 

Unsecured personal devices 

The first question to ask is: can you be sure your people will follow the same security protocols they would in the office? The networks and security tools your staff use at home are likely to be far less secure than those in the office. Home office networks are 3.5 times more likely than corporate networks to be infected by malware, according to a report from BitSight. 

There may even be a psychological element to this. As ZDNet has reported, 52% of employees believe they can get away with riskier behaviour when working from home. For example, sharing confidential files via email instead of the usual, safer channels. 

Lack of remote-working policies and procedures

Part of the reason employees are exposing themselves to risk at home is simply a lack of knowledge of these risks. The COVID-19 pandemic developed so quickly that many businesses didn’t have time to put in place clear policies and procedures for working from home so employees were literally left to their own devices.

This makes cybersecurity a bit of a guessing game, particularly for the less security-literate of your staff. 

Heightened risk of attack

Cybercriminals are smart but they’re largely opportunistic. And it hasn’t taken them long to figure out that switching to remote working has made businesses vulnerable.

VMWare’s recent Global Threat Report, reveals that 91% of global respondents have seen an increase in cyber attacks as a result of employees working from home. Meanwhile, the proportion of attacks targeting remote workers increased from 12% of all email traffic in March to 60% just six weeks later. 

91% of organisations have seen an increase in cyber attacks as a result of employees working from home.

Keen to exploit our hunger for coronavirus updates, cybercriminals have set up thousands of COVID-19-related ‘news’ sites. These double up as hosts for malware and domain names to launch phishing attacks from. Without the robust controls deployed by most corporate networks, it’s incredibly easy for people working from home to fall into the trap. 

The other area cybercriminals are targeting more regularly is VPNs. VPNs have long been a weak point for cybersecurity. They were only ever intended for small numbers of workers to use occasionally, not whole companies all the time. As a result, many VPNs are insecure and provide cybercriminals with a much wider ‘attack surface’ with which to launch threats

Reliance on the Cloud

We talked about some of the potential issues with cloud storage in a recent blog and, while it’s the safest option for businesses, it’s not invulnerable to attack. 

Working from home naturally increases your reliance on the Cloud. And this isn’t necessarily a bad thing. However, cybercriminals are becoming better all the time at breaking through providers’ defences and intercepting data as it moves between employees’ devices and the cloud. 

How can you overcome these risks? 

We’ve tackled some of the risks involved in switching to working from home, so what can you do about it?

Provide clear policies and encourage communication

This is the most important step on this list. If your people don’t know which behaviours are harmful, they can’t correct them. Ensure all security policies for workers are clear and easy to follow. If you don’t have a remote working security policy, now’s the time to draft one.

Alongside this, work to foster a culture of communication. That way, employees will feel comfortable asking for help with anything they don’t understand and reporting anything suspicious to internal security teams. All too often, security mistakes are made because staff feel ‘silly’ raising their concerns. 

Ensure the right security is in place 

Many of the most common threats can be prevented simply by ensuring your people have the tools they need. Check that all corporate-owned or managed devices are equipped with the best security capabilities. Also, make sure that the security best practices you’d use in the office are extended to the home environment. 

Maintain good password hygiene

Set up a password policy and ensure everyone follows it. Employees should always use complex passwords and two-factor authentication, as well as change passwords regularly. 

Make sure software is up to date

Your employees should regularly install updates and patches for the software on their devices, no matter how much they might enjoy not restarting their laptop for months on end. 

Keep it professional

Encourage your workers to keep work devices for work and personal devices for everything else. Limiting the number of sites employees visit can limit the risk of attack. 

Secure Wi-Fi access points

Network gateways are an underappreciated aspect of good cyber hygiene. Most of us don’t think much about our WiFi once it’s up and running. However, changing the default settings and passwords on a router can reduce the potential of attack from connected devices.

Understand the risks

Hopefully, this article has been some help in identifying some of the risks remote working presents. But it can’t be stressed enough that understanding the risks is key to preventing them. IT teams need to identify the most likely areas of attack and prioritise the protection of areas of your business that cybercriminals could do the most damage to. 

Although the switch to working from home comes with difficulties, it’s also a golden opportunity to remould the way your business functions. Alongside, the obvious real estate savings, remote working promises happier employees, more productive work and greener business practices. Don’t let poor cybersecurity stand in the way of your business embracing the future. 

Looking to improve your cybersecurity but not sure where to begin? Start by getting certified in Cyber Essentials, the UK government scheme that covers all the fundamentals of cyber hygiene.

CTA button

GDPR: ICO publishes new guidance on Special Category Data 

Special category data

The Information Commissioner’s Office (ICO) has published new guidance on how and why special category data needs to be handled more carefully.

Some types of personal data are extremely sensitive , and therefore, data controllers must take extra measures to ensure their protection. This is known as special category data and it relates to data that:

  • reveals racial or ethnic origin;
  • reveals political opinions;
  • reveals religious or philosophical beliefs;
  • reveals trade union membership;
  • genetic data;
  • biometric data (where used for identification purposes);
  • data concerning an individual’s health;
  • data concerning a person’s sex life; or
  • their sexual orientation.

Leaks of this type of personal data can be extremely damaging and dangerous, just imagine if your medical records, information about your sex life or your political opinions were put into the public domain so anyone could see them. 

This has led the ICO to publish new guidance to support organisations in ensuring they stay GDPR compliant and protect the data they control. 

What does the new guidance say about how organisations should approach processing special category data?

Firstly, as always, you must have a GDPR lawful basis to process data under Article 6. However, when processing special category data you also need an Article 9 condition for the processing and potentially an associated DPA 2018 Schedule 1 condition. Many of the DPA 2018 conditions require you to have an appropriate policy document in place. This is a short document that should outline your compliance measures and retention policies with respect to the data you are processing. 

There is more to do when processing special category data, but the provisions are in place to help you protect the data of those whose information you hold, and increase your customers’ confidence in you. 

Data protection obligations got you in a muddle? Get on top of them quickly and easily with the CyberSmart Privacy Toolbox.

CyberSmart Privacy Toolbox