The Ransomware Perfect Storm

A new report warns that the “perfect storm” of conditions have come together and allowed ransomware attacks to run rampant against organizations around the world.  The good news is that the average employee can easily help in the fight. Find out how….

Ransomware is becoming more successful than ever due to a combination of factors that allow cyber criminals to easily access corporate networks—and because a significant number of victimized organizations are willing to pay up.

Indeed, a new report from BAE Systems warns that the “perfect storm” of conditions have come together and allowed ransomware attacks to run rampant against organizations around the world.  

Those elements include:

The ease with which criminals can now to acquire and distribute ransomware.

The fact that the COVID-19 pandemic has made it simpler for malicious hackers to gain entry to networks.

Perhaps the top issue is the way in which corporate victims of ransomware are paying.  This encourages cyber criminals to pursue the line of attack and normalizes the act of giving into the ransom demands.

The result is an unfortunate loop, experts say; the more organizations that pay a ransom, the more acceptable the notion of paying to solve the problem becomes.  And the relatively new option of claiming ransom losses via cyber insurance further encourages payments.

What you can do

In most cases, the root cause of a successful ransomware attack is an employee falling for a social-engineering gambit, usually spearphishing.  So there are steps you can take to avoid being part of the problem:

  • Be highly skeptical of any link you receive via email, even if it appears to come from a trusted source.
  • Never divulge your network logon as a result of an email request.
  • Anytime an email, text message, or phone call asks you to do something that just doesn’t feel right, double-check with your manager.
  • Think carefully about clicking to follow social media links, which often download malicious software.

© National Security Institute, Inc. www.nsi.org

SecuritySense is a subscription service that provides you with concise, easy to understand and easy to read employee cyber security awareness content. 

Subscribers receive articles and stories that support your employee security and cyber security awareness training program at a very cost effective price

 

SecuritySense

Protect Yourself & Your Company From Cybercrime

We Make it Easy to Promote Employee Security Awareness Throughout the Company in a Way That’s Well Received by Everyone

Content Needs a Strategy to Work

People pay attention to content they find personally relevant.  Learn more about our content strategy

What’s Missing from Your Cyber-Strategy?

Awareness is a state of mind you’re trying to get you company into. Find out what really gets you there.  Learn how to persuade people 

Compare Our Per Employee Cost

Talk about cost-effective! Compare our per employee annual cost with what you might pay for training platform seat licenses. It’s a no-brainer to add SecuritySense to your programSee pricing