Published: September 09, 2021 on our newsletter Security Fraud News & Alerts Newsletter.
A research report by Trend Micro finds only 50% of organizations can identify cybercrimes…in particular, ransomware attacks. That’s not good news for anyone, but on the other hand, Trend Micro also finds there’s plenty of room for improvement. That progress depends on each individual company and how they do (or don’t) approach strengthening their security environment. Hackers are proving even more ruthless with their attacks, especially those using ransomware.
Those organizations lacking the effort to find and prevent even the most common of cyberattacks like email phishing, leave themselves, their clients, and their employees wide open for ransomware and other attacks. And now, it’s no longer just about deciding to pay a ransom or not – there’s much more at stake these days.
What, Me Worry?
Many ransomware threat actors are adding blackmail to their ransom demands. As part of their victim squeeze for payment, attackers also leverage divulging highly sensitive company information until the victim pays for the data decryption key. Some of that information can include compromising communications from company higher-ups, salaries, and many more incriminating details. Attackers will also threaten to post stolen sensitive data online for sale or maybe just for free as an incentive for paying the ransom. The FBI warns victims to never pay a ransom since they believe doing so only encourages further ransomware attacks. But to make that happen, there’s work to be done.
“The Ability to Respond Quickly…”
In Trend Micro’s report, they find “The ability to respond quickly can be the difference between a mitigated attack and an incident that gets written up in the newspapers.” All is not lost, however. An organization committed to improving their cybersecurity can do so in several ways; some of them are surprisingly easy to do.
Awareness of unusual or suspicious activity in a network can be the harbinger of an impending or current attack. Monitoring a system for compromise, including the ability to find unauthorized users in the network, can help mitigate a ransomware attack before it’s too late.
Employee education is often overlooked as a significant security tool, especially since staff are often the first line of protection against attacks. Cyber-smart employees can stop a phishing email before it turns into a ransomware attack. Staff should receive regular education updates as cyberattacks improve and trend over time.
Regular data system backups are like self-protection against ransomware demands. Regular data backups allow for restoring data encrypted in a ransomware attack. Backups should be on a separate server that’s out of reach from hackers, and data restoration methods should be done on a regular basis, so they function properly when needed.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org