Business Case Studies

Ransomware and Phishing

Ransomware is a specific type of malicious software that blocks the victim from accessing their computer, or certain files on it, until they pay a ransom to the hacker. Hackers frequently use phishing attacks to deliver the malware to the user’s device. In a phishing attack, the hacker spoofs a legitimate organisation and sends the user an email inviting them to download an attachment. The attachment harbours the malware, which infects the computer once the user opens it. The user is then locked out of their files until a resolution is found.

An increasing number of hackers are turning to ransomware instead of other ‘traditional’ forms of cyberattack. According to Verizon, the communications company, it was the most-used type of malicious software in 2018, accounting for 39% of malware phishing attacks. This figure is double the proportion of malware attacks that used ransomware in 2017.

One of the reasons for the skyrocketing popularity of ransomware is the ease with which criminals can find the software online. Hackers don’t need to be skilled software engineers themselves to run these attacks; they can simply purchase the ransomware on the dark web. It requires minimal effort on the part of the phisher, with a large payback for that effort. The victims are comparatively helpless and can do little but pay the ransom.

Organisations and Ransomware Attacks

Phishers are no longer targeting only single individuals with their attacks; they have turned their attention to large organisations and businesses, which the hacker can extort for higher financial gain. Large organisations have reported an increase in attacks on their systems in recent years. The attacker sometimes shuts down access to the organisation’s systems until the ransom is paid. Other attackers hold certain information to ransom, such as the private medical information of patients if they attack a healthcare provider. As the organisation could face substantial legal issues if its patients’ data were released, it is forced to pay the ransom.

Given the relative ease with which these attacks can be carried out, the number of attacks will likely continue to increase in the coming years.

These attacks have such a high success rate for the scammer because organisations find it challenging to protect against them. The most straightforward defence is to teach employees about the dangers of phishing. If employees know how to spot suspicious emails, they won’t be inclined to open the attachments and inadvertently introduce the malware into the system. Preventing the system from being compromised in the first place, rather than dealing with the after-effects of an attack, is the easiest way to ensure a company’s security isn’t compromised.

It should be emphasised to employees that opening emails from unknown senders poses a severe risk to the security of the organisation. If they do open such emails, they should never follow embedded links or open attached PDF files or images. If they accidentally click a link in an email or open an attachment, they should be encouraged to contact the IT department as quickly as possible and disconnect their device from the network to limit the damage. The IT department can then assess whether the hacker has gained unauthorised access to the system.

The IT department can also inform the rest of the organisation about the potential breach so that others remain vigilant for similar scams.

Regular phishing training workshops are recommended, as are emails informing employees about the latest scams circulating on the internet.