Ransomware ‘affecting nearly 50% of UK businesses’

Nearly half of large UK companies have been hit by a ransomware attack in the past year with some of those affected lacking a formal policy to deal with this type of cyber crime.

A survey by Citrix of 500 UK-based IT decision-makers at firms with 250 employees or more found that 48 per cent had fallen victim to a successful ransomware attack.

Targeted at businesses, these kind of attacks see a device infected with malware that ‘locks’ the user out. The user is then asked to pay a ransom through a message that appears on-screen.

The Citrix research also found that even when businesses have resolved a ransomware attack, they fear that the criminals may still be in their systems in some capacity.

And despite the risk of a ransomware attack happening, the survey found that 11 per cent of businesses don’t have a formal ransomware policy in place.

"A lot of this is about isolating a potentially infected machine, deciding whether you're going to pay the ransom or not – there's a business choice to be made there - and then being able to build confidence that you have actually dealt with the ransomware attack and it isn't still lurking there," Chris Mayers, chief security architect at Citrix, told IT Pro.

36 per cent of those surveyed who had fallen victim to ransomware doubted that all traces of that attack had been fully removed.

Mr Mayers urged companies to put a ransomware policy in place if they haven’t already, give someone the authority to decide whether or not to pay and have a solid back-up and recovery plan in place.