Ransomware is often spread through phishing emails that contain malicious attachments or through drive-by downloading.
What is drive-by downloading?
Drive-by downloading occurs when a user unknowingly visits an infected website and then malware is downloaded and installed without the user’s knowledge.
Crypto ransomware, a malware variant that encrypts files, is spread through similar methods and has also been spread through social media, such as Web-based instant messaging applicants. Additionally, newer methods of ransomware infection have been observed. For example, vulnerable Web servers have been exploited as an entry point to gain access into an organization’s network.
How do you get Ransomware?
A great way to kick off a phishing awareness training course is to ask,
“How do you get ransomware?”
The majority of trainees will be aware that ransomware attacks can be launched by clicking on a malicious URL or opening an infected email attachment. Conscious of the recent WannaCry attack, some may be aware of the importance of keeping software up to date. Other attack vectors are far less familiar – and the preliminary measures you’ll need to take to raise phishing awareness.
After Asking the Question “How do you get Ransomware?”. . .
In most scenarios, the answers to the first half of the question will be textbook; but the second half, how to report suspicious links and attachments, often draws blank faces. This might reveal a major problem with your company’s online security, especially when a link has been clicked or an attachment opened.
After asking “How do you get Ransomware?”, the next question should concern how to identify suspicious links and attachments, and how to report those suspicions.
Important: All employees need to know the reporting procedure and the importance of swiftly reporting a clicked link or opened attachment. Only by quickly alerting the IT security team to the possible risk of an infection can a threat be well contained and the potential damage limited.
Employees must know that even if a computer has been locked by ransomware, swift action can prevent the infection spreading to the rest of the network or stop secondary malware from being dropped.
Measures a Company Can Take to Protect against Ransomware
In many areas of life, knowing something and applying that knowledge don’t always follow hand in hand. Although your employees may know “How do you get ransomware?” and even how to report suspicions, companies should implement measures to protect themselves against ransomware and its consequences.
These measures may vary, but generally include:
- Take frequent back-ups, so if data is encrypted by ransomware, there is a recent restore point.
- Install a program that will check for and install software updates.
- Virus scan all external drives and mobile devices connected to the network.
- Maintain an ongoing program of phishing awareness and keep asking the question “How do you get ransomware?”.
Ransomware has the power to take away from personal files such as documents, photos, financial information, and all the things you care about essentially. What happens a lot of the time is if you’re infected, you will end up with useless files on your computer but they are now encrypted. Scammers will then most likely scam you for your money.
This is the fastest growing crime on the internet. It grew by 4500% in 2014, and it shows no signs of stopping, it’s just too profitable for an everyday scammer.
5 Do’s and Don’ts:
- Don’t pay the ransom: I can hear someone asking, “But don’t you get our files back if you pay the ransom?”. Just like a bully who tires of the keep-away game, you likely will get your files back if you pay. BUT you may not. Seeing a sucker on the hook, you might get asked to pay again and again.
- Don’t click on attachments in email: There are a lot of different gangs running ransomware scams, who use different ways to try and infect you. One of the most popular is using spam. The email could be saying there was a package for you that couldn’t be delivered. Or a cool screensaver that you should install. Whatever the con, the scammers want you to click on an attachment to install malware.
- DO keep software up to date: The interesting thing is scammers know about the weaknesses in the software on your PC before you do. They try to use them to get on your machine. It is called exploiting vulnerability. Patching removes vulnerability. If you’re asked if you want to update your software – do it now!
- Do use security software: If you don’t have a friend who is a security expert, who spends 24/7 keeping up on all the latest malware threats and watches over your shoulder whenever you’re on the computer, get good security software. Norton Security will do the job, as it is a Anti-Virus but also it does many other things to protect you and your PC.
- Do back up: No one ever thinks anything bad will happen to them, until it does. Backing up your files will protect them if they ever are compromised.