back to article Strong and stable, my arse. UK wobbles when coping with ransomware

A third of businesses have suffered a ransomware attack in the last 12 months, according to a new survey sponsored by Malwarebytes. Globally, most organisations experienced some form of attack or breach during the past year, with 35 per cent suffering a ransomware attack specifically. Ransomware demands are relatively low, …

  1. Phil O'Sophical Silver badge

    Are UK companies more ignorant, or just more honest?

    1. Anonymous Coward
      Anonymous Coward

      or more economical with the truth?

      The French do tend to say it like it is.

      1. Anonymous Coward
        Anonymous Coward

        The French don't have enough money to pay.

      2. Anonymous Coward
        Anonymous Coward

        The French do tend to say it like it is.

        Not when it comes to admitting error.

    2. a_yank_lurker

      "just more honest" - more honest and they are still lying.

  2. Anonymous Coward
    Anonymous Coward

    Survey..

    So not actual results. I'm minded to think that we're simply better at owning up especially in the public sector.

  3. Anonymous Coward
    Anonymous Coward

    Where are Malwarebytes getting their figures?

    Their figures contradict my experiences. I know of some companies that have been attacked as I've helped them resolve the problems.

    I work for a software house and we have about 100 customers. 3 of them have had files destroyed by ransomware in the last 12 months. They all had their files recovered by the next working day.

  4. Anonymous Coward
    Anonymous Coward

    It must be our silly knees-bent running around advancing behaviour?

  5. Tigra 07
    Thumb Up

    That makes for dire reading...

    Still...At least we're not France...

    1. James 51

      Re: That makes for dire reading...

      Where raging wildfires aside the food and weather and health service are generally much better?

      1. Anonymous Coward
        Anonymous Coward

        Re: That makes for dire reading...

        At least the French aren't daft enough to do a Frexit.

        There's a storm coming because too many people think we are smart enough to stand on our own feet in the modern world. Look at all the Finance and IT jobs we're losing already. Would you rather being making deals with Trump or Europe, I know which I prefer.

        1. Anonymous Coward
          Anonymous Coward

          Re: That makes for dire reading...

          Look at all the Finance and IT jobs we're losing already.

          Really? Which ones? How do they compare with France which has twice the unemployment rate of the UK? Or Germany, whose BMW has just confirmed massive investment for building electric Minis in the UK, Brexit be damned?

          1. James 51
            FAIL

            Re: That makes for dire reading...

            Actually BMW annouced a tiny investment. That assembly line is already producing minis so that is the cheapest place to start manufacturing the electric ones. It is when there are totally new lines for which the retooling for costs as much as a new factory, that is when we'll know which way the wind is blowing.

          2. Lars Silver badge
            Happy

            Re: That makes for dire reading...

            "BMW has just confirmed massive investment". What BMW has confirmed is that they will stick to their plan unless....Even a small brain should recognize the "unless" and take it seriously. It's not the rest of the EU that lives in "fantasy land".

        2. James 51

          Re: That makes for dire reading...

          I think we've been getting the same people for up and down votes.

          1. CustardGannet

            Re: That makes for dire reading...

            "...raging wildfires aside, the food and weather and health service are generally much better"

            I think you forgot the wine, public transport, education system, housing, and general quality of life.

            The French cops are still a bunch of racist twunts who don't give a damn about liberte, egalite, or fraternite, though.

            1. Anonymous Coward
              Anonymous Coward

              Re: That makes for dire reading...

              Believe me French public transport is not an example to copy. TGVs might be nice (if massively subsidised) but their commuter trains make the old Network Southeast look competent. And that's when they're not on strike. The education system isn't so hot these days either, slipping well down world tables.

              I'll grant you the wine, even if British fizz sometimes beats Champagne these days. If only they could make decent beer, instead of that fizzy yellow muck.

            2. Anonymous Coward
              Anonymous Coward

              "The French cops are still a bunch of racist twunts "

              And you'd better not get on the wrong side of the border cops.

              Allegedly hired from ex Foreign Legionnaires with anger management issues and as an organization self financing.

              In theory they only operate within 20Km of a point of entry. However if they suspect a light plane or parachute is involved they could declare anywhere a PoE.

              Steer well clear at all times. Anon to avoid any visits from Monsieur Plod

            3. Tigra 07

              Re: That makes for dire reading...

              Hey, i'm just working off the criteria set by James...You couldn't pay me to be French...

              1. James 51

                Re: That makes for dire reading...

                Yes, the NHS beat the EU health care system in every category except outcomes. So as long as you don't count stuff like dying sooner if you have cancer, it is the best. BTW I do think the NHS is great, it has been beaten and battered by the Tories who want to farm out as much to the private sector as possible and that is easier if they run it down first.

      2. Tigra 07
        Flame

        Re: That makes for dire reading...

        I know it's fashionable to criticise the NHS, but...

        We have the better healthcare system:

        http://www.bbc.co.uk/news/health-40608253

        And similar weather, but less rain:

        http://www.weather-guide.com/country/england-france-weather.html

        Food is a matter of taste, but they win that one

  6. iron Silver badge

    "Brit organisations who admitted any ransomware problems said they had been hit more than five times during the past year"

    Fire your IT dept / outsourced IT company and hire someone who knows what they are doing. I'd also get rid of whichever idiot is clicking on links in dodgy emails but it's probably the CEO.

    1. Ben1892

      They are too busy filling in random surveys on their security holes, so finding time to do actual InfoSec work is difficult.

    2. Anonymous Coward
      Anonymous Coward

      "but it's probably the CEO."

      Just discovered that it actually was. Oh joy, now I get to tell him ...

    3. Doctor Syntax Silver badge

      "I'd also get rid of whichever idiot is clicking on links in dodgy emails but it's probably the CEO."

      That's probably why so many don't know where it's coming from. They actually do know but saying so would be career limiting.

    4. herman

      If I were the CEO, I'd get rid of the idiot who let messages with dodgy links through the junk filters.

  7. Doctor Syntax Silver badge
    Facepalm

    "In the UK, almost 20 per cent of businesses have little or no confidence they could stop ransomware" but "35.4 per cent not knowing where it came from".

    So at least 15.4% didn't know where it came from but nevertheless have more than a little confidence they could stop it.

  8. Anonymous Coward
    Anonymous Coward

    Easy to mitigate

    -Patch your o/s monthly

    -Regularly patch your Apps that open files (word/pdf etc) regularly

    -Don't run an o/s or app that is no longer in patching support

    -Run anti-virus & update hourly and AV scan on demand all files

    -Scan incoming email using AV and block .exe attachments

    -Scan and block sites when web browsing using a web proxy and AV scanner

    -Set web browsers to block adverts and flash

    -Use a localhosts file to sinkhole malware and advert sites to 127.0.0.1

    1. Bob Hoskins

      Re: Easy to mitigate

      Especially Flash. No need for it and a quick read of CVE details on the tech makes for chilling reading.

  9. Anonymous Coward
    Anonymous Coward

    Vive la France!

    Vive la Egalité.

    Nous avons une plus grande égalité que vous!

    Et votre père a l'odeur des baies de sureau.

    1. Kevin Johnston

      Mon crayon est jaune

      1. Anonymous Coward
        Anonymous Coward

        I'll take your yellow crayon - possibly only dropped once...

        But why is English biz so ready to pay a ransom to a bunch of crims who don't really care if your files are given back once they have your money? more akin to pay&hopeware!

        take backups, retain backups, and ensure you have controlled access to shared resources.

        dontpay, they'll still take it away!

        1. Anonymous Coward
          Anonymous Coward

          Actually, my understanding was that 99% of the time (WannaCry being the exception), ransomware DOES give your files back. If they had a reputation for never giving the files back, the whole black-market of ransomware 'kits' would fall flat on their face.

  10. Andy Non Silver badge
    Trollface

    The solution

    is obviously to outsource all UK IT to France. :P

    1. Rich 11

      Re: The solution

      ...if only we weren't so intent on adding WTO tariffs to the cost of service contracts.

  11. Anonymous Coward
    Anonymous Coward

    All the brexit/remain comments again, to be fair they are fun to read.

    Why not settle it with a simple upvote for yes and downvote for no?

    You can insert whatever question you want, that way you can complain about something or support something.

    It might make you feel better about the situation or it might make you feel worse, odds are about 50/50.

    Personally I voted not to remain but stay in with a soft brexit falling back on to WTO rules and staying as part of the EU.

    Back to the article, common sense tells me that as English is the 3rd most spoken language it's going be targeted by more ransom ware than France where French is the 18th (Native Speakers Source:Wikipedia)

  12. John Smith 19 Gold badge
    Unhappy

    You do wonder about the British response

    Because until you've had an infection you don't really know how you'll cope. The question calls for a judgement call which on how it will be handled and on the day the team may just pull it together and stomp all over it.

    Likewise 5 times in 1 year sounds very bad.

    But does that mean "log shows another attempted entry. That's 5 this year" or "S**t have the ERP files have been hit again?"

    I'd like to hope IRL it means the first time caused a fair bit of chaos but that was a wake up to get their s**t together, with the other 4 being easily fended off.

    Attention British IT staff.

    Yes, ransomware is a thing. Good standard procedures (listed earlier in the thread) will cut down your risks a lot.

    If you are not using them, why not?

    If you think "It can't happen to us, we're too small" think again.

    On the internet everyone is the same size (to malware) and everyone is the same distance away. Infecting you is really no bother to them. They can infect a few dozen more while you're still deciding if you have been infected.

    1. herman

      Re: You do wonder about the British response

      Mandatory Access Control (a.k.a. WIC) is available on Windows. It can go a long way to prevent ransomware from doing anything. Why doesn't anyone use it?

      1. John Smith 19 Gold badge
        Unhappy

        "Mandatory Access Control..is available on Windows...Why doesn't anyone use it?

        Good questions.

        Probably because

        a) It either has, or is expected to have a massive performance hit

        b) People don't think it will work, because it's Microsoft

        c) It's defaults are too generous to users

        d) It has too few levels to deliver adequate granularity of protection.

        e) It requires actual management. IE someone has to decide this is needed, authorize someone to do it and see it gets done IE rolled out to all users.

        Those are the obvious answers. Never having used it I cannot see what the real barrier is.

  13. TheElder

    Never mind a CEO

    One must think at the average user level. How many people know what a file extension is never mind ever seeing one? EXE? APP? BAT? BIN? and so on...

    I also filter out quite a few countries on my server along with a rather long list of personally selected key words. Things like how to have three legs instead of just two...

    1. katrinab Silver badge

      Re: Never mind a CEO

      Remember that the default is to hide file extensions. I know the first thing we do is to re-enable them, but most people don't, so if the get a "secure-message.exe" file with a program icon that looks the same as the word document icon, they don't know any better.

  14. Hans 1
    Joke

    > cheese-eating surrender monkeys.

    Oh, come on, the British Empire was a bunch of pretty fast runners in the race to Dunkirk as well ... it is only when the Russians and USians got involved that the worm actually turned.

  15. veti Silver badge

    Clickbait

    1,054 companies across six countries - does not look to me like a solid basis for statistical comparisons between countries.

    It's probably good enough for a decent "overall" international average, but the sample size in any one country is just too small to draw meaningful conclusions.

    Nothing to see here.

  16. John Smith 19 Gold badge
    Unhappy

    "Strong and stable, my arse. "

    But

    <gollum>

    We wants it

    We needs it

    We must have hard Brexit.

    </gollum>

    You and Rupert Murdoch, eh Golly?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like