Defending Against Ransomware is a Team Effort

Ransomware operators have grown very skilled in targeting exactly what will compel an organization to pay up, according to Andrew Brandt, principal researcher at Sophos. On the CyberWire’s Hacking Humans podcast, Brandt explained that organizations of all sizes are at risk from targeted ransomware attacks. Earlier ransomware attacks, like WannaCry in 2017, went after any machine that was vulnerable, but newer attacks involve meticulous targeting and staging.

“We don't see quite so many ransomware attacks that target individuals,” Brandt said. “We see that the criminals have realized that they can make a lot more money by targeting organizations that have the deep pockets to pay the ransom but may not have the technical expertise to recover themselves quickly enough to sort of restore business operations. And it becomes a strategic game for the ransomware operators, where they're trying to do just enough damage that they push people into the paying the ransom decision instead of just trying to fix it themselves by recovering from backups or, you know, what have you.”

To penetrate an organization, attackers need only one point of entry from which to launch additional attacks and spread through the network. Brandt explained that organizations need to train their employees to recognize and resist these initial attacks.

“IT security, in particular, depends on, basically, everyone in the company is on the front lines,” he said. “And they need people to be their eyes and ears. And if the employees feel that they're not being treated respectfully by the security folks, being told that, oh, that was a really dumb thing to do - anybody can be fooled by a phishing attack. Even I can be fooled. I have very nearly clicked malicious links, and I do this for a living. So, if I can be fooled, anybody can be fooled. And so, you should just be open to listening to people. And when they tell you something is going on that's not right, trust their instincts and at least take a look.”

Most ransomware attacks begin with employee error, such as falling for a phishing email or using weak authentication. New-school security awareness training can prepare all of your employees to face these threats.

The CyberWire has the story:

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 22 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 23 types of infection scenarios
  • Just download the installer and run it
  • Results in a few minutes!

