Over the past few weeks, MELANI / GovCERT have been processing a variety of ransomware cases. Unknown perpetrators have been encrypting Swiss SMEs’ systems, rendering them inoperable. The attackers then demanded ransom payments of sometimes gigantic proportions.
Technical analysis of these incidents has shown that IT security implemented by the organisations affected was often quite patchy, and that they did not completely adhere to standard «best practices» (Info sheet: Information security for SMEs) It seems they did not pay heed to the authorities’ security alerts either.
The MELANI / GovCERT article complete with recommendations can be found here.