A Lawyer's Look at "Big Game Phishing"



ransomware-screen-skullRansomware attacks have increasingly been going after high-value data in order to extract larger ransoms from victims, according to the well-known law firm Cooley. This trend was highlighted by the FBI’s recent warning about high-impact ransomware events. These attacks can target any type of organization that would be crippled by losing access to important data.

Attackers usually gain access via a phishing attack or a network configuration vulnerability such as an exposed RDP port. Once they’re in, they can move throughout the network and identify critical data before launching the ransomware attack.

Cooley says three of the most valuable targets for an attacker are “(i) high-value data or assets, such as trade secrets or personally identifiable information; (ii) critical timing issues or red-letter dates, such as tax-filing deadlines or the start of a new school year; and (iii) data backups.”

Additionally, Cooley points out that the costs associated with a ransomware attack include “not only paying the ransom demand but also expenses associated with lost business, time, files, equipment; wages; third-party remediation services; or higher insurance premiums.”

For large companies, ransomware attacks can be extremely costly, and for smaller organizations, one of these attacks could be a business killer. Organizations need to invest in countermeasures to prevent attackers from getting in. New-school security awareness training can address the human element and prevent your employees from falling for phishing attacks. Cooley has the story: https://cdp.cooley.com/big-game-phishing/

 


Request Your Security Awareness Training Quote

products-KB4SAT6-2Old-school awareness training does not hack it anymore. Your email filters have a ~10% failure rate; you need a strong human firewall as your last line of defense. KnowBe4 is your platform for new-school security awareness training. We help you keep your users on their toes with security top of mind. You simply have got to start training and phishing your users ASAP. If you don't, the bad guys will. Find out how affordable this is for your organization and be pleasantly surprised.

Get A Quote Now

Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://info.knowbe4.com/kmsat_get_a_quote_now

Subscribe To Our Blog


Domain Spoof Test Contest




Get the latest about social engineering

Subscribe to CyberheistNews