There is a new type of ransomware called “Royal” being distributed by multiple threat groups across the UK. They are extremely successful at penetrating networks using innovative and persuasive techniques.
The attackers are using Google ads and search results combined with fake, but legitimate-looking, software download sites to trick users into downloading the malware. They are also using contact forms on business websites, emails, fake forum comments and blog posts. All of these point to the same malicious files, and they are having more success than other similar attacks.
Microsoft Security Threat Intelligence has described Royal as “showing a pattern of continuous innovation, with regular incorporation of new discovery techniques, defence evasion, and various post-compromise payloads, alongside increasing ransomware facilitation.”
Ransomware is a form of malware (short for “malicious software”) in which a file, typically delivered over a network, is designed to deny your business access to files and systems. The cyber attackers encrypt your data and offer the decryption key in return for a ransom payment. This can be hundreds of thousands, if not millions, of pounds. Typically, ransoms are requested in a cryptocurrency such as Bitcoin so they can’t be traced. Even if you pay, there is still no certainty that the attackers will ever hand over the decryption key to you. Their intent is to wreak havoc, not strike deals.
Why is Royal ransomware more dangerous than other ransomware?
Rather than trying to access your network through vulnerabilities in your servers or firewalls, the attackers are tricking people (your employees) into downloading files that give them access to your network.
Usually, Anti Spam, Anti Malware, Web Protection and Firewalls will detect and block an attack. This method, and the way the attackers keep adapting their approach, gives them unrestricted access across your entire network with zero warning that an attack is underway.
What can I do to defend my business against Royal ransomware?
Knowledge is power
The most vulnerable aspect of your business is your staff. Unless you communicate the importance of this threat, they are your weakest line of defence. Stress the importance of a “think before you click” approach to everything – websites, links in emails, PDFs. Everything that has a link COULD be a threat.
Because Royal relies upon tricking humans, the most effective action you can take is to advise all of your employees to act with extra vigilance when opening emails and surfing the internet.
- Anti Spam will block emails that contain a potential link to the malicious software
- Web Protection will block users from reaching fake download sites
- Anti-Malware will detect malicious software appearing on your systems
- Cloud backup and disaster recovery will enable you to recover from an attack
The most important point with Royal is that the approach is being continually adapted, and the best defence is to have employees who are vigilant and are physically prevented from downloading software.
Be prepared
Do you know how you will operate if you get locked out of all your systems? Do you have a disaster recovery plan? Have you tested that your backups can be restored?
If the answer to any of these questions is no, please get in touch.
James Tilbury
Chief Executive Officer
james.tilbury@ilux.co.uk
Tel: 01480 501500
Mobile: 07834 850809