The Ransomware Perfect Storm
A new report warns that the “perfect storm” of conditions have come together and allowed ransomware attacks to run rampant against organizations around the world. The good news is you can easily help in the fight.
Ransomware is becoming more successful than ever due to a combination of factors that allow cyber criminals to easily access corporate networks—and because a significant number of victimized organizations are willing to pay up. Indeed, a new report from BAE Systems warns that the “perfect storm” of conditions have come together and allowed ransomware attacks to run rampant against all kinds of organizations big and small.
The perfect conditions
- It’s getting easier and easier for criminals to acquire and distribute ransomware.
- The COVID-19 pandemic has provided a lot of cover for social engineers to gain entry to networks.
- Perhaps the top issue is the way in which corporate victims of ransomware are paying. This encourages cyber criminals to pursue the line of attack and normalizes the act of giving into the ransom demands. The result is an unfortunate loop, experts say; the more organizations that pay a ransom, the more acceptable the notion of paying to solve the problem becomes. And the relatively new option of claiming ransom losses via cyber insurance further encourages payments.
What you can do
In most cases, the root cause of a successful ransomware attack is an employee falling for a social engineering gambit, usually spearphishing. So there are steps you can take to avoid being part of the problem:
- Be skeptical of links you receive via email
- Emails from a trusted source can be faked, look closely
- Never divulge your network login as a result of an email request
- Anytime an email, text message, or phone call asks you to do something that just doesn’t feel right, trust your instinct and double-check with your manager.
- Think carefully about clicking to follow social media links at work, these can potentially download malicious software.
© National Security Institute, Inc.
A Smart Allocation of Resources
Regulatory Compliance
Reduces Human Risk Factor
Well Received by Everyone
Accelerated Security Awareness
Easy to Implement
Concise and To-the-Point
Flexible & Easy to Use
Email the Fully Formatted PDF Newsletter
Deliver SecuritySense micro-training posts instantly by emailing the fully formatted PDF newsletter you receive from us on the first of each month like clockwork.
Upload the PDFs to Your Internal Website
Upload the entire newsletter. Upload individual micro-training posts to call out security issues you want your people to focus on that month.
Paste Our Content Into Your Existing Communications
Use the text version of SecuritySense micro-training posts to supplement other internal communications vehicles.
Integrate HTML into Your Internal Website
Use the HTML version of SecuritySense micro-training posts to easily integrate them right into your internal facing website.