SMES are the latest victims of Cyber Attacks
The need for improved cyber security has increased over the last year following a recent increase in cyber-attacks. Companies worldwide are reporting that they have been hit with a major ransomware cyber-attack, including the NHS in May 2017. Unfortunately we have seen a spike in the number of SMEs being affected by cyber-attacks. We have put together a brief case study to show you how a local SME was affected by a ransomware virus and the affects it had on the business.
WHAT THE VIRUS WAS?
A medium sized business with sites located across Scotland was recently hit with a Ransomware Virus called URSSA. Ransomware is a type of malicious software that encrypts a user’s documents on a server, making them unusable. The virus leaves ransom notes explaining to the user that the only way they can recover their files is if ransom is paid. Here is an example of a ransom note:
The business’s accounting Software, SAGE, requires certain data base files for it to open account information. The virus itself modifies the files and makes them inaccessible, as mentioned above.
When SAGE tries to locate the files, it notices that they have been changed and the SAGE application is unable to open accounts information.
HOW IT AFFECTED THE USER/BUSINESS?
A user called in to our helpdesk saying that they couldn’t open any files in SAGE. Our technicians discovered that their files had been encrypted. This means that the business user couldn’t access any of their files. However, this could’ve been a much larger threat.
If the virus hadn’t been stopped when it was, it could’ve led to all users not being able to access any files, and the businesses IT infrastructure collapsing. If the entire company had been infected, for example, if all servers were hit where files are stored, then all users within the company would be unable to work and would be down until the virus was contained and files were restored. Therefore, it is crucial to have a backup system in place, as a company could face downtime for days and permanent loss of data. As this was caught early on one machine, we could prevent the virus from spreading and causing downtime.
HOW WE DEALT WITH IT?
This issue was immediately put under Category 1 – Critical. The server and all its files were recovered using client’s backup and recovery solution. Through this software, we could restore the company to a point before the infection and allow users to continue working. To do this, all users machines were individually scanned with our recommended anti-virus software. All machines showed they were clean. When we knew that all users were clean, we then proceeded to allow all end users to access servers again.
As Portal Technologies have the appropriate software and solutions in place, we were able to deal with the virus in a timely manner. Our technicians could use their experience and knowledge to eliminate these types of viruses quickly and efficiently to minimise downtime for our clients.
WHAT WAS THE RESULT FOR THE CLIENT?
By afternoon on the following day, all our client’s systems were back to normal and became fully operational with minimal downtime. Within 7 business hours the virus was caught, the infected files restored and the clients system fully operational.
Attacks can hinder business’s productivity and harm its reputation. The results of being hit with a Ransomware Virus are lost income, financial loss and ransomed data. Fortunately for our client, it did not reach this stage as we had the right solution in place.
Small businesses underestimate the threat of cyber-attacks and often don’t believe they are at risk, with 35% of business hit by cyber-attacks see cyber security as a low priority. Earlier this summer, business in Scotland lost around £2.5 million to online scammers. 875,000 SMEs across the UK have been affected by a cyber-attack over the last 12 months.
It is crucial that small business have knowledge of cyber-attacks such as Ransomware Viruses and how big a threat they can be. It is important to have a procedure in place – that’s why we’re here! If you have any concerns about the security of your IT Systems, please contact our support help desk – support@portaltechnologies.uk.
References:
The Independent http://www.independent.co.uk/news/business/news/sme-cyber-protection-attacks-hackers-small-businesses-medium-sized-security-online-wannacry-a7868426.html
Tower Gate Insurance- https://www.towergateinsurance.co.uk/liability-insurance/smes-and-cyber-attacks
HSBC – https://www.business.hsbc.uk/en-gb/campaigns/hsbc-business-banking-fraud-centre
