Prediction: Ransomware Attacks to Spike as Employees Return to the Office

Ransomware-2Because of the nature of ransomware attacks and the mass numbers of workers at home, anti-malware vendor Emisoft believes we’re going to see a rise once work returns to normal.

Ransomware is a numbers game: launch enough attacks and a percentage of them will return revenue back to you. This rings true regardless of whether attacks are targeting specific organizations or are part of a mass emailing of millions of email addresses. But, according to security researchers at Emisoft, we’re seeing a lull in successful ransomware attacks because of the pandemic.

Here’s the thinking: Ransomware attacks function in stages. The first stage is reconnaissance, where the initial infection checks to see if the compromised endpoint is valuable enough to launch a full ransomware attack. We’ve seen infostealer malware collect all kinds of information; this gives you an idea of how granular a cybercriminal can be before having the initial malware contact a C2 server to download the ransomware payload. So, with 61% of remote workers using personal devices, it makes sense that cybercriminals are holding off completing the attack, as only holding a single device for ransom isn’t profitable.

Once employees return to the office – at least 41% of employees intend to – the idea is that they will resume working on their corporate devices (the ones connected to every other corporate device on the network). This is a far better-looking prospect if you’re a cybercriminal intent on using ransomware to make money.

Emisoft also warns of the return of corporate devices back to the corporate network, stating network segmentation for these endpoints should be in place to minimize the impact of any dormant ransomware waiting to run once back at the office.

They also recommend employees be enrolled in Security Awareness Training, as two-thirds of employees received no training in the last year. This will dramatically help lower the likelihood of successful attack should cybercriminals attempt to re-infect the business endpoint belonging to the same victim user who fell for an attack while working at home on their personal device by sending them another phishing email in the future.

Get Your Ransomware Hostage Rescue Manual

RansomwareManual-2020-CoverThis 20-page manual is packed with actionable info that you need to prevent infections, and what to do when you are hit with ransomware. You also get a Ransomware Attack Response Checklist and Prevention Checklist. You will learn more about:

  1. What is Ransomware?
  2. Am I Infected?
  3. I’m Infected, Now What?
  4. Protecting Yourself in the Future
  5. Resources

Don’t be taken hostage by ransomware. Download your rescue manual now! 

Get Your Manual

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Ransomware Hostage Rescue Manual

Get the latest about social engineering

Subscribe to CyberheistNews