Published: July 25, 2021 on our newsletter Security Fraud News & Alerts Newsletter.
Remember when ransomware attacks always happened to other organizations and not yours? According to recent data, that false sense of security is exactly that, false. Ransomware, a type of malware that can literally end the future of a business, has been growing strong and improving year after year. Data from Cybersecurity Ventures shows the global financial cost of ransomware in 2021 will reach $20 billion. The estimated frequency of these attacks is expected to reach every 11 seconds by 2021, up from one every two minutes in 2016.
Ransomware is expected to worsen and make up even larger shares of cybercrime by next year. The devastation ransomware creates includes much more than paying a ransom to restore encrypted data. Businesses can face significant downtime to recover, lost productivity, harm to their reputation, restoration costs to data systems, and the cost of investigation into how the attack occurred to begin with.
It’s time for every organization to give preventing ransomware the attention it requires. Not every enterprise will survive such an attack, but with knowledge comes power, and every organization has the ability to learn.
One fact every organization should know is bad actor’s love using social engineering tactics to get ransomware into a data system. Social engineering deceives, influences, and manipulates an employee into lowering their guard. Ransomware attacks are increasingly targeting victims with laser precision and their preferred method of social engineering attack is email spear phishing.
Spear phishing emails target a specific individual or an entire department within an organization and appear to be from a trusted source. Often addressing individuals by name, spear phishing emails gain trust, and that trust includes opening attachments, downloading files, or redirection to bogus websites. The problem is, all of these options can harbor ransomware. Spear-phishing is responsible for 91% of all cyberattacks and these emails could be flooding inboxes everywhere, including yours and those of your co-workers.
Ransomware Mitigation Tips
Think before you click. Never open email attachments, download files, or click on links unless you are expecting them. Otherwise, there’s a good chance they’re loaded with malware, including ransomware. Always better to confirm with the sender that the email is legitimate and from someone you trust before acting on it.
Don’t overshare personal details on social media. Limit the personal part of what you share, as hacker’s frequently troll these sites to build personal profiles for future attacks. Also limit what’s exposed on a company website, including job titles, responsibilities, and contact information.
Educate employees on how to spot these attacks, including spear phishing, and what to do when they suspect one. Employees are often the first line of defense against cybercrime, and ongoing education creates a cyber-smart staff that can stop ransomware and other cyberattacks before they start.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org