Partially due to the shift to working remotely, cybercriminals are finding some resemblance of success in getting internal assistance, begging the question of what to do about it.
In order for a ransomware attack to be successful, threat actors need plenty of access throughout a victim organization. Most often, we’re seeing this accomplished via honed hacking techniques. But once in a while, we see cybercriminals going the manual route. Back in August, we saw Nigerian threat actors solicit victim organization employees to deploy demon ransomware, offering nearly half the ransom yet-to-be collected.
New data in an infographic from Hatachi ID shows that an average of 48% of organizations have been approached to assist in helping to plan a ransomware attack. Director-level employees seem to be a more interesting target, with 55% of them being approached.
One of the reasons for this occurring may be found in the Hitachi ID data; the majority of organizations (83%) believe this solicitation has become more prominent since employees began working remotely.
The good news is an average of 90% of organizations are providing some form of Security Awareness Training to educate users on how to prevent phishing attacks, create secure passwords, and keep those passwords safe.
In order to ensure employees do not become the next accomplice, it’s imperative to have proper security solutions in place, as well as to make certain that your awareness training is continual in nature and occurs online, rather than the typical infrequent break room trainings.
Here's how it works:
