Ransomware: Developing a Response Strategy

  • Ransomware attacks pose a serious cyber threat to organisations by preventing access to data with the subsequent knock on effect of interruption to day to day business operations
  • By making that data unavailable and stopping the manufacturer of products or delivery of services, the cyber-criminal can demand a sum of money in return for the restoration of data access
  • This paper explores the key factors organisations should consider when developing a ransomware response strategy.

As the societal dependency on IT and connected systems increases, we are collecting and producing a huge amount of data which has become the backbone of every business. Information is then produced by the interpretation of these data and all organisations in both the public and private sectors are directly reliant on this information for the day to day running of the business.

In our paper covering Phishing, we highlighted how cyber-criminals exfiltrate data from businesses to sell on the dark net. However, not all data has a value on the black market and cyber criminals need to find other ways to make money. Recognising that data has value to businesses, by making that data unavailable and stopping the manufacturer of products or delivery of services, the cyber-criminal can demand a sum of money in return for the restoration of data access. These types of malicious software which create unavailability of system or data are collectively known as Ransomware.

Ransomware attacks pose a serious cyber threat to organisations by preventing access to data with the subsequent knock on effect of interruption to day to day business operations. This paper explores the key factors organisations should consider when developing a ransomware response strategy.

  • We would like to thank Matthew Tyler, Blackfoot Cybersecurity, for his contributions to this paper. Blackfoot is a partner of Zurich offering a comprehensive portfolio of security services that enhance cyber resilience. For more information about our risk management services please contact your local Zurich representative.

Click here to download our risk guidance, ‘Ransomware – Developing a Response Strategy’.