The globally coordinated malicious software called “ransomware” which had affected the Britain’s National Health Service and forced the British hospitals to divert the patients last Friday is still a cyber threat for the majority of businesses including recruitment businesses. While the initial panic may be over, the ease with which this malware permeated thousands of businesses across the world should make everyone take cyber security very seriously indeed.
Ransomware attacks are characteristic of highly focused and personalised attacks. The victim is sent a very personalised but infected email attachments which makes it difficult for them to determine if it is legitimate or just a threat. Once the data is encrypted, there is invariably very little a person can do.
2016 witnessed a number of ransomware attacks and they are reported to have increased by more than 500 percent in recent years. Over the last few years, data has become an extremely valuable asset as majority of the organisations are moving towards data-driven economies. The recruitment industry is a totally data-driven industry which hugely depends on its database created over the years and is at higher risk.
There haven’t been sustained new attacks but the way these attacks work means that infected machines and network may not yet have been detected and the existing infection from the malware can spread across the networks. There are two ways to fight this situation and considerably reduce the risk of attack and mitigate the impact of the successful attacks.
A. Limit the spread and impact of the attacks that have already occurred
B. Protect your recruitment business from ransomware by
- Keeping your organisation's security software patches up to date
- Use proper anti-virus software services
- Create back up the data that matters to you as you can’t be held for ransom for the data you hold somewhere else
- Say no to suspicious emails and links
- Train your staff to know what to look for and how to be safe online
The way forward
The increasing digital epidemic attacks have resulted in the decline in the trust of digital. There are many steps that a company should undertake and one important move is the new General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) due to become law next year and which will provide a sturdy foundation to build upon. To keep the trade and business ongoing, UK organisations will be required to adopt the new strict data security laws and comply with the GDPR.
In our constant endeavor to keep our clients on top of the legislative changes, we will soon announce the date of an event on GDPR. Watch this space to know more.