Article

How to keep your business safe from attacks

Has your business been a victim of ransomware? This type of malicious software (malware), that demands users pay a ransom to regain access to their data and information, is surprisingly common.

In fact, according to researchers from SonicWall Capture Labs there were a staggering 5.9 million ransomware attacks in the UK in the first half of 2020 – that’s almost as many as the number of private sector businesses there are in the UK (6 million at the start of 2020).

The volume of ransomware attacks is a number that all businesses should take seriously. Ransomware is one of the most prevalent forms of malware, software or web content that can harm your organisation, but it’s by no means the only type.

Other types of malware include:

  • Viruses – a type of malware that self-replicates by modifying other computer programs and inserting their own code, to infect them.
  • Worms – a program that can self-replicate and spread over a network, exploiting a vulnerability.
  • Scareware – malware that pops up on a user’s desktop with flashing images or loud alarms, falsely announcing that the computer has been infected. The intention is to frighten the victim into buying unnecessary software or providing their financial data.
  • Adware and spyware – adware pushes unwanted advertisements at users and spyware secretly collects information about the user.
  • Fileless malware – this may evade detection by hiding in a trusted utility, tool or security application. In some cases, a victim doesn’t even need to click on the file to activate the malware.

Free 24/7 Helpline

Need advice on managing cyber risks? Have you been impacted by a cyber event?

We’ve partnered with Cyberscout to offer our small business and farm customers free access to a 24/7 cyber helpline until 31st December 2020.

Call 0800 0698 203, ensuring you have your NFU Mutual business policy number to hand.

How to avoid becoming a victim of ransomware

Take these steps to help reduce the risk of becoming a victim of ransomware or other types of malware:

  1. Antivirus software should be installed and updated on all devices. Run a complete scan of your system on a regular basis to check for any malware infections.
  2. Only permit employees to download apps from manufacturer-approved stores like Google Play, and not from unknown sources.
  3. Only give staff the level of access required to perform their role, with extra permissions only given to those who need it.
  4. Educate employees to never open attachments or click on the links within any unsolicited emails they receive. Spoofed emails pretending to be from a person or company you know of can be used to deliver ransomware. Install the latest software and app updates on all devices, including tablets, smartphones, laptops and PCs. Enable automatic updates where possible.
  5. Back up important data to storage devices – such as an external hard drive, or an online storage service - that won’t be left connected to computers or networks.
  6. Install and switch on firewalls, which provide protection by shielding your computer from malicious or unnecessary network traffic.

What if you have already been infected with ransomware?

If your business is currently experiencing a live cyber-attack, or is a victim of a cybercrime, including ransomware, contact our free 24/7 cyber helpline provided by Cyberscout on 0800 0698 203.

As part of their call handling process, Cyberscout will advise you to report all cybercrime incidents to Action Fraud, the UK’s cybercrime reporting centre. Cyberscout can help you with the process of reporting and engaging with Action Fraud.

You can call Action Fraud on 0300 123 2040 to speak to one of their specialist advisers. If you have cyber insurance, Action Fraud will also provide you with a reference number to help with your claim.

Action Fraud collates overall cybercrime data, which helps the wider fight against cybercrime and criminals and offers practical advice on how to clean your systems. They warn victims of ransomware not to pay extortion demands as it doesn’t guarantee that access to your files or device will be restored. Hackers could also leave a malicious computer program on your device which they then can use later and paying a ransom will show criminals that you’re vulnerable to a ransomware attack.

You can also use the No More Ransom website, which is designed to help victims of ransomware to retrieve their encrypted data.

What you need to know

This is a helpline advice service provided by Cyberscout on behalf of NFU Mutual for customers who do not have a commercial cyber policy, with an annual turnover up to £3 million and fewer than ten employees. When you call, the scope of your cyber query or incident will be assessed in your initial consultation with Cyberscout. If the team are unable to resolve your query over the phone, you will receive a full quotation from Cyberscout to liaise directly with them and access the full range of services and support available.

It is not an insurance cover, and any additional costs and support are not covered by NFU Mutual, nor are these costs recoverable under your NFU Mutual insurance policy.