Ransomware – Phishing for Cash

By Eric Noonan • June 8, 2016

According to a recent report conducted by PhishMe, 93 percent of all phishing attacks contained encryption ransomware, up 56 percent from December of 2015. This heightened growth can be attributed to the ease of sending ransomware via phishing emails that contain job applicant, billing, shipping, and invoice-related messages with seemingly harmless attachments.

Ransomware is a category of malware that prevents or limits users from accessing their system. Users are provided with the option to pay a “ransom” via online payment methods in order to grant access to their systems or to recover their data. Ransomware can target home computers, endpoints in an enterprise network, or servers used by government organizations or private healthcare companies. Although they promise the safe return of your data, there is no guarantee that paying up will restore your access. There are two main types of ransomware, lockscreen and encryption. The lockscreen ransomware simply displays a full-screen message that locks your system and prevents you from navigating away or accessing your files. The encryption ransomware encrypts your existing files and then demands money to restore them. A system infected with ransomware will typically alert users of infection within hours, differing from other common cyber-attacks that remain undetectable for months. Small to medium-sized organizations are particularly appealing prey for ransomware criminals as these companies tend to pay up quickly to avoid the hassle of alternative methods of recovering data. Additionally, cyber culprits blackmail organizations by threatening to delete files at consistent intervals so that the victims pay the ransom faster.

How do you prevent your organization from becoming a ransomware victim? The most encouraged approach is to have a reliable and secure backup system in place. Do not always trust in the cloud for backup security, newer versions of ransomware have been able to access data shared there as well. In addition to having up to date anti-virus solutions installed on all systems, ensuring that all users within your organization have completed the latest security and awareness training is key especially now that phishing has become the main source of ransomware attacks. Educate your employees to avoid opening emails and attachments from unknown addresses and avoid clicking on suspicious links. If your organization needs direction in performing any of the above tasks, please contact any member of the CyberSheath staff, we are here to help you protect your valuable assets, big or small!

CyberSheath Blog

Dr. Robert Spalding to Address Nation-State Attacks at CMMC Con 2021

Since the inaugural CMMC Con, we’ve seen some of the most malicious attacks on American infrastructure ever executed. The SolarWinds attack reverberated across the entire government as agencies scrambled to discover what nation-state attackers had accessed and stolen. The Colonial Pipeline, shut down by a ransomware attack, led to fuel…

CMMCEnclave: Add Versatility with a More Flexible Approach

The enclave approach to CMMC compliance is one of the most cost effective and least disruptive ways to safeguard CUI. You can maintain high-value custodial security of CUI without upending your existing processes, procedures, and people. That way, you can maintain the proper level of CMMC compliance and remain eligible…

CMMC Con 2021 Opens Registration, Reveals Theme and Speakers

CMMC compliance stands in the way of revenue for every defense contractor in the supply chain. Now that CMMC is a reality for the Defense Industrial Base (DIB), learn how contractors — primes and subs, large and small, foreign-owned — are handling the standards and requirements, as well as the…

Our Trusted Partners

Cyberark McAfee Thycotic RSA Tenable Alien Vault Alert Logic Microsoft

CMMC Con 2021 is here! Save your spot to hear the latest on CMMC from our expert speakers across the government and Defense Industrial Base.