Posts

Met Police see ransomware as the biggest cyber-security threat in 2018

A series of global ransomware attacks in 2017 have reaped millions of dollars in rewards for criminals who have penetrated unsuspecting users’ IT systems and encrypted their data. In the UK, the National Health Service was one of a number of high-profile victims of such attacks.  According to London’s Metropolitan Police, ransomware looks likely to be a major threat again in 2018. Ransomware cannot prevent access to data stored in Safe4, as indicated in previous articles on this website.

In an article published in The Times newspaper today, the need for managing personal information is highlighted even more strongly. Theft of identity, and with it money, has become such an enormous issue that more and more of us are likely to be at risk through insecure management of our online activities. Using clever apps or devices on mobile phones or computers will obviously help; however using secure online services to deliver and store critical personal information will give the greatest level of protection to businesses and their clients alike.

Safe4 has been rated among the most secure 0.8% of sites on the Internet by independent agencies, out of more than 1.5 million tested. Using the Safe4 Asset Register to handle personal details for a wide range of online activities offers a unique facility for holding both confidential documents and individual elements of data, such as personal identification details. All data held in Safe4 is stored in UK-only data centres accredited to ISO 27001. Please contact us for more information.

Ransomware – why Safe4 customers are protected

The ransomware attacks that have affected many organisations around the world over the weekend have exposed some serious vulnerabilities in the way that information is managed; using out-of-date operating systems and the failure to implement security updates are clearly primary causes of the exposure. However, it should be remembered that the problem normally arises when an unsuspecting user clicks a link in an email that is urging them to take some “essential” action, such as to update the information stored by a service provider.

Of course the email does not come from the service provider at all, but is a cleverly-disguised piece of work by a criminal organisation that will install an invasive piece of software on the user’s computer that can encrypt files and demand ransom payments in exchange for a decryption key.

Safe4 customers, and their clients, are protected against this risk in a number of ways:

  • Firstly, it is never necessary to send any confidential information, or indeed any information at all, by email. The primary function of Safe4 is to provide organisations of all types with the ability to deliver and store information of any kind in a way that makes it accessible to authorised users only. Thus if a Safe4 user receives an email requesting them to take any unusual or unexpected action, it can safely be ignored.
  • Secondly, all the files held in Safe4 are maintained in UK-based data centres accredited to ISO 27001, and are only available after the user has authenticated themselves through a web portal. The user does not therefore have direct access to the information in the way that they would if the files were held on a local or network drive.
  • The third reason for the safety of Safe4 customers is the inherent design of the system. Safe4 is a system of record. Files held in the system cannot be changed; this means they cannot be encrypted. Even if malware were to penetrate the security layers of Safe4, it cannot alter the files that have been stored. New versions of files could theoretically be created containing an encryption code, but the original files are still available for retrieval at any time – without having to pay any ransom.

We at Safe4 are continuing to remain vigilant in the constant battle against cyber criminals. Independent tests have rated Safe4 among the most secure 0.8% of sites on the internet out of millions tested due to the measures that we have put in place to protect our customers’ data. Please contact us if you would like any further detail on the security features of Safe4.

Ransomware has become a major business and social menace

Instances of businesses of all sizes being infected by ransomware are becoming more and more common. It is not just corporate bodies that are being hit – individual members of the public are also being asked to pay sums of money to criminals in order to remove viruses from their data. It is also understood that 30% of National Health Service hospitals in the UK have suffered ransomware attacks.

There are a range of measures that will help to protect against the effects of ransomware, as outlined in this recent article. As well as taking protective steps, however, the safest way to reduce the risk of being infected by ransomware is for businesses to inform their customers, employees, associates, partners, suppliers and any other parties that they communicate with is to make it clear that no information of any importance will ever be transmitted by email, which is the source of the overwhelming majority of the malware that leads to ransomware problems.

Safe4 have been highlighting this issue for some time – if important or confidential information is placed into a secure vault where it will be available to authorised users whenever they need it, the need for sending anything of consequence by email is dramatically reduced. Whilst it is almost impossible to remove the threat of being infected by malware completely, there are safer ways to communicate that radically reduce this risk.

Please contact us. We will be very pleased to assist in the fight against fraud and cyber crime.