Ransomware – Phishing for Cash

By Eric Noonan • June 8, 2016

According to a recent report conducted by PhishMe, 93 percent of all phishing attacks contained encryption ransomware, up 56 percent from December of 2015. This heightened growth can be attributed to the ease of sending ransomware via phishing emails that contain job applicant, billing, shipping, and invoice-related messages with seemingly harmless attachments.

Ransomware is a category of malware that prevents or limits users from accessing their system. Users are provided with the option to pay a “ransom” via online payment methods in order to grant access to their systems or to recover their data. Ransomware can target home computers, endpoints in an enterprise network, or servers used by government organizations or private healthcare companies. Although they promise the safe return of your data, there is no guarantee that paying up will restore your access. There are two main types of ransomware, lockscreen and encryption. The lockscreen ransomware simply displays a full-screen message that locks your system and prevents you from navigating away or accessing your files. The encryption ransomware encrypts your existing files and then demands money to restore them. A system infected with ransomware will typically alert users of infection within hours, differing from other common cyber-attacks that remain undetectable for months. Small to medium-sized organizations are particularly appealing prey for ransomware criminals as these companies tend to pay up quickly to avoid the hassle of alternative methods of recovering data. Additionally, cyber culprits blackmail organizations by threatening to delete files at consistent intervals so that the victims pay the ransom faster.

How do you prevent your organization from becoming a ransomware victim? The most encouraged approach is to have a reliable and secure backup system in place. Do not always trust in the cloud for backup security, newer versions of ransomware have been able to access data shared there as well. In addition to having up to date anti-virus solutions installed on all systems, ensuring that all users within your organization have completed the latest security and awareness training is key especially now that phishing has become the main source of ransomware attacks. Educate your employees to avoid opening emails and attachments from unknown addresses and avoid clicking on suspicious links. If your organization needs direction in performing any of the above tasks, please contact any member of the CyberSheath staff, we are here to help you protect your valuable assets, big or small!

CyberSheath Blog

How to Safeguard Your Company from Phishing

Email is so ubiquitous in our everyday lives that it can be a challenge to always be on guard when receiving messages. Each day it’s not unheard of for each member of your team to have hundreds of messages land in their inbox. How do you make sure that none…

3 Tools to Help Defend Your IT Infrastructure from Threats

With the continually evolving threat landscape and the prevalence of team members working from home, it is more important than ever to be proactive with how your company is protecting itself from cyberattacks.  CyberSheath can help. We offer services to build on all the great work you have already done…

DNS Filtering for Additional Protection of IT Systems

Phase one of securing your IT infrastructure should include protecting your endpoints and safeguarding your employees from phishing attempts. After you have implemented these controls, the next logical step is to launch a DNS filtering solution.   What is DNS filtering and why do you need it? Domain name server…

Our Trusted Partners

Tenable Microsoft Siemplify KnowBe4 ConnectWise DUO