Ransomware – Phishing for Cash
According to a recent report conducted by PhishMe, 93 percent of all phishing attacks contained encryption ransomware, up 56 percent from December of 2015. This heightened growth can be attributed to the ease of sending ransomware via phishing emails that contain job applicant, billing, shipping, and invoice-related messages with seemingly harmless attachments.
Ransomware is a category of malware that prevents or limits users from accessing their system. Users are provided with the option to pay a “ransom” via online payment methods in order to grant access to their systems or to recover their data. Ransomware can target home computers, endpoints in an enterprise network, or servers used by government organizations or private healthcare companies. Although they promise the safe return of your data, there is no guarantee that paying up will restore your access. There are two main types of ransomware, lockscreen and encryption. The lockscreen ransomware simply displays a full-screen message that locks your system and prevents you from navigating away or accessing your files. The encryption ransomware encrypts your existing files and then demands money to restore them. A system infected with ransomware will typically alert users of infection within hours, differing from other common cyber-attacks that remain undetectable for months. Small to medium-sized organizations are particularly appealing prey for ransomware criminals as these companies tend to pay up quickly to avoid the hassle of alternative methods of recovering data. Additionally, cyber culprits blackmail organizations by threatening to delete files at consistent intervals so that the victims pay the ransom faster.
How do you prevent your organization from becoming a ransomware victim? The most encouraged approach is to have a reliable and secure backup system in place. Do not always trust in the cloud for backup security, newer versions of ransomware have been able to access data shared there as well. In addition to having up to date anti-virus solutions installed on all systems, ensuring that all users within your organization have completed the latest security and awareness training is key especially now that phishing has become the main source of ransomware attacks. Educate your employees to avoid opening emails and attachments from unknown addresses and avoid clicking on suspicious links. If your organization needs direction in performing any of the above tasks, please contact any member of the CyberSheath staff, we are here to help you protect your valuable assets, big or small!