Ransomware’s Impact Highlights the Threat of Social Engineering
Ransomware actors are continuing to shift their focus to disrupting operations that affect people’s daily lives, according to the Wall Street Journal. A ransomware attack on Wednesday hobbled bookings for Steamship Authority, a large ferry service in Massachusetts that sails to Martha’s Vineyard and Nantucket. While the ferries continued to operate, customers couldn’t make reservations online or by phone.
FireEye CEO Kevin Mandia said during a Wall Street Journal cybersecurity conference that healthcare institutions and public companies are particularly vulnerable.
“Pharmaceuticals, hospitals, healthcare, public companies, organizations that don’t have the talent and skills to defend themselves—they’re getting sucker punched,” Mandia said.
Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), said that no industry is safe from ransomware attacks.
“The threat of ransomware continues to be severe,” Goldstein said. “Ransomware can affect any organization in any sector of the economy. All organizations should urgently review our available resources and implement best practices to protect their networks from these types of threats.”
David Navetta, a partner with Cooley LLP’s cybersecurity practice, noted that these threat actors continue to expand their targeting.
“They’re hitting everybody,” Navetta said. “Any company that relies on their information technology to provide a good or a service is a target. We’ve seen manufacturers; we’ve seen chemical companies; we’ve seen non-traditional targets being hit more frequently than four or five years ago.”
The vast majority of ransomware attacks begin either through a technical vulnerability, such as an exposed RDP port, or through an employee falling for a phishing email or another social engineering tactic. New-school security awareness training can give your organization an essential layer of defence by teaching your employees how to recognize phishing emails.
The Wall Street Journal has the story.
Free Ransomware Simulator Tool
Bad guys are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?
KnowBe4’s “RanSim” gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 20 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.
Here’s how it works:
- 100% harmless simulation of real ransomware and cryptomining infections
- Does not use any of your own files
- Tests 21 types of infection scenarios
- Just download the installer and run it
- Results in a few minutes!
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/ransomware-simulator-tool-partner?partnerid=001a000001lWEoJAAW