Louisiana suffered a ransomware attack last week that took down more than two thousand of the state’s computers and servers. The ransomware apparently entered the network after a user downloaded an unauthorized file. This is how most malware attacks occur, because only one user needs to fall for a phishing attempt in order for the attackers to succeed.
The biggest threat to government networks remains users being tricked into clicking on malicious links, according to the commander of the Louisiana National Guard’s cyber protection unit. Major Alan Dunn told StateScoop that the greatest challenge in protecting a network is ensuring users are trained to recognize and avoid suspicious links and attachments.
“There’s always that one user who gets the email and wants to click on it,” Dunn said. “I’ve got in-laws who do it.” Dunn emphasized that the vast majority of these attacks could be prevented if users had been trained to recognize phishing attacks.
“My thing would be user education, user education, user education,” Dunn said. “It’s users not having the proper education, clicking on the phishing link. That’s 85 to 90 percent of your battle. If people do what they’re supposed to do, you’re going to be secure.”
New-school security awareness training can build a security culture within your organization so that your employees can prevent these attacks from succeeding. StateScoop has the story.