Recent ransomware attacks are an increasing challenge for organizations. When there is uncertainty globally, the odds are against companies that their employees will know how to react and spot social engineering attempts. In light of the pandemic, this brings on a new set of vulnerabilities and risks that organizations need to manage. COVID-19 has created the perfect storm for hackers to strike.
Home offices present a weak point
Employees working remotely have exponentially increased the corporate attack surface. Think about your IT staff with admin privileges or your executive staff with access to highly confidential information. These can all be accessed through weak points. From social engineering to ransomware, your employees could be granting hackers the keys to the kingdom. Even as we see an end to the pandemic in sight, predators have found new ways to trick unsuspecting victims. The lines between working and relaxing while at home are getting blurry. Sitting at home in sweatpants while working often translates to being less security-minded. This carelessness increases the chance of a successful cyber attack.
Recent ransomware attacks target home computers and networks
With millions of Americans now working from home, the latest scam targets home computers and home wi-fi networks with ransomware. A form of digital extortion, ransomware forces businesses, governments, school districts and hospitals to pay to regain control of their IT systems and data. The most recent ransomware attacks are frequently run by Russian cybercriminals, who are, unfortunately, often successful.
Russian ransomware scams
Russian hackers are now targeting employees more than ever before. Because many employees working from home use the same computer for work and everyday internet browsing, their networks are easy to infiltrate. Employees are tricked by spam emails, fake websites and other tactics.
Even those using more secure cybersecurity tools such as VPNs are at risk. The latest hackers wait for the user to log off the VPN, looking for personal internet use to infiltrate the network and install the ransomware. Before they know it, victims have malicious software installed on their computer system and receive a ransom request. Hackers using ransomware often request payment in Bitcoin. For example, a municipality in Florida recently had to pay a hacker $600,000 in Bitcoin to take back control of its computers.
How can you safeguard against ransomware at home?
Employees are the front line of any organization’s cyber defense, so they need continuous training to understand the threats and know how to react when security controls fail. Use regular phishing tests and anti-phishing training to prepare your employees to recognize phishing attempts that could lead to ransomware attacks. With interactive anti-phishing training, your employees will come to acknowledge phishing and social engineering attempts. Ongoing training and phishing simulations keep them ahead of ransomware attempts that are becoming more sophisticated each day.
Global Learning Systems partners with you to address your knowledge and skills gap and assist you in building a robust cybersecurity awareness program. By taking these steps, we can improve your cybersecurity program in these uncertain times.