Connecting linkedin


Information Security – Ransomware and human error

12/07/2016 by Usha Tyagi


Ransomware has quickly become one of the biggest threats to cyber security, with new research conducted by Kaspersky Lab showing that the number of attacks on Android has increased by a staggering 400 per cent in just 12 months. The number of users attacked by the malicious software soared to more than 136,000 annually earlier this year, and there is a growing concern that enterprises and large organisations will be the next to be targeted. Ransomware blocks access to computer systems by encrypting files and locking screens and is now being used extensively by hackers in the United Kingdom, the United States, Canada and Germany.

Ransomware could threaten the continuity of businesses due to the rise of the “bring your own device” initiatives at work and the always-on nature of connected devices such as Android smartphones and tablets. The data published by Kaspersky Lab shows that four groups of malware – Svpeng, Pletor, Fusob and Small – are responsible for the vast majority of ransomware attacks and that criminals are actively exploring more opportunities on mobile rather than PC due to the effectiveness of screen-blockers. The report notes that Android users can protect themselves from a potential attack by restricting app installs to official stores only, employing an effective security solution and educating others about the latest malware propagation forms.

The bad news for businesses is that even if ransomware is contained, there remains a plethora of other risks and threats on the horizon. Ransomware is currently the buzzword in information security, but human error and internal threats are also central to ongoing cloud data loss and cyber breaches in the digital age. Data from ICO has revealed that almost two-thirds of data breaches reported in the UK during the first quarter of the year were caused by human error, with the University of Portsmouth estimating that it has cost enterprises £98.6 billion a year.

In order to protect themselves from the complacency of their own staff, businesses are being urged to backup important data in the cloud. The data should be encrypted in transit, and there should be service level agreements (SLAs) in place to provide additional recourse in the case of a breach or critical data loss. Large corporations should also ensure that they are not duped by shadow IT. When employees upload sensitive data to applications such as Google Drive without any encryption, they are increasing the risks of attacks significantly. In the long term, employees must be better educated about data access, phishing emails, ransomware attacks, security patches and secure logins, and there must be clear policies that are enforced to mitigate the growing information security risks.



About Us

Montash is a multi-award winning global technology recruitment business. Specialising in permanent and contract positions across mid-senior appointments across a wide range of industry sectors and IT functions, including:

ERP Recruitment, BI & Data Recruitment, Information Security Recruitment, Enterprise Architecture & Strategy Recruitment , Energy Technology Recruitment, Demand IT and Business Engagement Recruitment, Digital and E-commerce Recruitment, Leadership Talent, Infrastructure and Service Delivery Recruitment, Project and Programme Delivery Recruitment.

Montash is headquartered in Old Street, London, in the heart of the technology hub. Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid management in permanent and contract roles.


Latest Blogs