The Ransomware Perfect Storm

A new report warns that the “perfect storm” of conditions have come together and allowed ransomware attacks to run rampant against organizations around the world.  The good news is you can easily help in the fight. 

Ransomware is becoming more successful than ever due to a combination of factors that allow cyber criminals to easily access corporate networks—and because a significant number of victimized organizations are willing to pay up. Indeed, a new report from BAE Systems warns that the “perfect storm” of conditions have come together and allowed ransomware attacks to run rampant against all kinds of organizations big and small. 

The perfect conditions

  • It’s getting easier and easier for criminals to acquire and distribute ransomware.
  • The COVID-19 pandemic has provided a lot of cover for social engineers to gain entry to networks.
  • Perhaps the top issue is the way in which corporate victims of ransomware are paying.  This encourages cyber criminals to pursue the line of attack and normalizes the act of giving into the ransom demands. The result is an unfortunate loop, experts say; the more organizations that pay a ransom, the more acceptable the notion of paying to solve the problem becomes.  And the relatively new option of claiming ransom losses via cyber insurance further encourages payments.

What you can do

In most cases, the root cause of a successful ransomware attack is an employee falling for a social engineering gambit, usually spearphishing.  So there are steps you can take to avoid being part of the problem:

  • Be skeptical of links you receive via email
  • Emails from a trusted source can be faked, look closely
  • Never divulge your network login as a result of an email request
  • Anytime an email, text message, or phone call asks you to do something that just doesn’t feel right, trust your instinct and double-check with your manager.
  • Think carefully about clicking to follow social media links at work, these can potentially download malicious software.

© National Security Institute, Inc.

A Smart Allocation of Resources

Regulatory Compliance

Reduces Human Risk Factor

Well Received by Everyone

Accelerated Security Awareness

Easy to Implement

Concise and To-the-Point

Flexible & Easy to Use

Email the Fully Formatted PDF Newsletter

Deliver SecuritySense micro-training posts instantly by emailing the fully formatted PDF newsletter you receive from us on the first of each month like clockwork. 

Upload the PDFs to Your Internal Website

Upload the entire newsletter. Upload individual micro-training posts to call out security issues you want your people to focus on that month. 

Paste Our Content Into Your Existing Communications

Use the text version of SecuritySense micro-training posts to supplement other internal communications vehicles. 

Integrate HTML into Your Internal Website

Use the HTML version of SecuritySense micro-training posts to easily integrate them right into your internal facing website.