Why Ransomware Protection Should Start with User Awareness
Ransomware is now the biggest threat to UK businesses, according to the National Cyber Security Centre (NCSC). Throughout the pandemic, breaches have soared as threat actors targeted distracted home workers and insecure devices and networks. For many smaller businesses, a serious ransomware attack could represent an existential threat. In this context, security operations (SecOps) teams have plenty to keep them busy. But while monitoring for ever-changing tactics, techniques and procedures (TTPs), they must also remember the one constant in many attacks: human error.
That means knitting continuous security awareness training programs into the fabric of the corporate cybersecurity strategy. The stakes are too high to overlook insider risk.
Why Ransomware Hurts
NCSC boss Lindy Cameron was spot on in her threat assessment of ransomware. Attacks soared by an astonishing 485% year-on-year in 2020, according to one report. Big-name victims such as Colonial Pipeline and JBS in the US attract most of the media coverage, the former attack leading to unprecedented fuel supply shortages up and down the US East Coast earlier this year. But the truth is that SMBs still make up the majority of victims. According to one report, in Q1 2021 organizations with up to 100 employees accounted for nearly two-fifths (37%) of targeted companies. Add organizations with 100 to 1,000 employees, and you have 73% of corporate victims during the period.
The Human Factor
If paying the ransom isn't an option, what are the alternatives? Number one has to be prevention, followed by rapid detection and response. Looking at prevention, we have to consider human error, a near-omnipresent factor behind modern cyber risk.
The top three attack vectors for ransomware groups are software vulnerabilities, exposed Remote Desktop Protocol (RDP) services and phishing. Humans play a part in all three. They write the buggy code exploited by attackers, and they leave RDP endpoints reachable from the internet without strong credentials and/or multi-factor authentication. But perhaps the most widespread example of human error is falling for phishing and other social engineering. According to one study from May 2021, 85% of breaches over the previous 12 months featured a human element, and phishing increased 11% year on year.
What to do Next
So how do you mitigate human-shaped cyber-risk? It must start with regular training sessions designed to simulate real-world phishing attacks and test employees’ responses. All staff—from the CEO down to temps and contractors—must be included. And sessions should be kept to frequent, short bursts of 10 minutes or so for maximum impact.
Outside expertise is often the most effective way to craft a program that will truly inspire company-wide cultural change. Data is crucial here: you should be able to study the results of each session and simulation to tweak the awareness and training program and to help specific users if necessary. Third-party providers can also advise on which types of simulation to use, based on the attacks they most often see in the threat landscape. And they can run red team exercises designed to test how resilient staff are to phishing lures when faced with 'attacks' outside the classroom.
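The paragraphs above describe the loop a simulation program should run: phish everyone (CEO to contractors), measure who clicks or submits credentials, and use the data to target follow-up training. The script below is an added example written for this page, not code from the original article or from any vendor platform; it works over a small constructed result set (the roster, campaign names and outcomes are all hypothetical) in the shape most simulated-phishing tools can export, and computes the numbers a practitioner would actually act on: per-campaign click, submit and report rates, repeat clickers who need one-to-one help, per-department click rates, and staff on the roster who were never sent a simulation at all.

```python
from collections import defaultdict

# Outcome severity: the worst thing the user did with the simulated email.
# "clicked" and "submitted" both count as a click for rate purposes.
SEVERITY = {"ignored": 0, "opened": 1, "clicked": 2, "submitted": 3}

# Hypothetical staff roster (constructed for this example): user -> (department, type).
# Contractors and temps are listed deliberately, as the text says they must be included.
ROSTER = {
    "ceo": ("exec", "employee"),
    "alice": ("finance", "employee"),
    "bob": ("finance", "employee"),
    "carol": ("it", "employee"),
    "dave": ("sales", "employee"),
    "erin": ("sales", "contractor"),
    "frank": ("sales", "temp"),
}

# Constructed simulation results, one row per email sent:
# (campaign, user, outcome, reported_to_security).
# A user can both click and report (see dave in the second campaign).
RESULTS = [
    ("2021-Q1-invoice", "ceo", "clicked", False),
    ("2021-Q1-invoice", "alice", "submitted", False),
    ("2021-Q1-invoice", "bob", "ignored", True),
    ("2021-Q1-invoice", "carol", "ignored", True),
    ("2021-Q1-invoice", "dave", "clicked", False),
    ("2021-Q1-invoice", "erin", "opened", False),
    ("2021-Q2-password-reset", "ceo", "ignored", True),
    ("2021-Q2-password-reset", "alice", "clicked", False),
    ("2021-Q2-password-reset", "bob", "ignored", True),
    ("2021-Q2-password-reset", "carol", "ignored", True),
    ("2021-Q2-password-reset", "dave", "clicked", True),
    ("2021-Q2-password-reset", "erin", "ignored", False),
]


def _is_click(outcome):
    return SEVERITY[outcome] >= SEVERITY["clicked"]


def campaign_metrics(results):
    """Per-campaign click, credential-submit and report rates (rounded to 3 dp)."""
    counts = defaultdict(lambda: {"sent": 0, "clicked": 0, "submitted": 0, "reported": 0})
    for campaign, _user, outcome, reported in results:
        c = counts[campaign]
        c["sent"] += 1
        c["clicked"] += _is_click(outcome)
        c["submitted"] += outcome == "submitted"
        c["reported"] += reported
    return {
        campaign: {
            "sent": c["sent"],
            "click_rate": round(c["clicked"] / c["sent"], 3),
            "submit_rate": round(c["submitted"] / c["sent"], 3),
            "report_rate": round(c["reported"] / c["sent"], 3),
        }
        for campaign, c in counts.items()
    }


def repeat_clickers(results, min_campaigns=2):
    """Users who clicked in at least min_campaigns distinct campaigns: candidates for 1:1 coaching."""
    clicked_in = defaultdict(set)
    for campaign, user, outcome, _reported in results:
        if _is_click(outcome):
            clicked_in[user].add(campaign)
    return sorted(u for u, camps in clicked_in.items() if len(camps) >= min_campaigns)


def department_click_rate(results, roster):
    """Click rate per department, to spot teams that need a targeted session."""
    sent = defaultdict(int)
    clicked = defaultdict(int)
    for _campaign, user, outcome, _reported in results:
        dept = roster[user][0]
        sent[dept] += 1
        clicked[dept] += _is_click(outcome)
    return {d: round(clicked[d] / sent[d], 3) for d in sent}


def coverage_gaps(results, roster):
    """Roster entries never sent a simulation: the 'everyone is included' check."""
    targeted = {user for _campaign, user, _outcome, _reported in results}
    return sorted(set(roster) - targeted)


if __name__ == "__main__":
    for campaign, m in campaign_metrics(RESULTS).items():
        print(campaign, m)
    print("repeat clickers:", repeat_clickers(RESULTS))
    print("by department:", department_click_rate(RESULTS, ROSTER))
    print("never simulated:", coverage_gaps(RESULTS, ROSTER))
```

The report rate is worth tracking alongside the click rate: a falling click rate with a flat report rate means people are ignoring lures rather than escalating them, and it is the reports that give the SecOps team early warning of a real campaign. The coverage check is the one most often skipped in practice; temps and contractors on the roster who never receive a simulation are exactly the population the article says must not be left out.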
Organizations should also build on these training sessions and exercises by improving cyber awareness at board level. That means regularly communicating the security strategy to the leadership team and updating it on any new vulnerabilities or threats that could represent serious business risk. SecOps and NetOps teams have a crucial role to play here, as they are the individuals on the cyber front line.
New-school security awareness training can enable your employees to recognize and avoid these attacks.
With thanks to InfoSecurity magazine. The full story is here: https://www.infosecurity-magazine.com/opinions/ransomware-protection-user/
The world’s largest library of security awareness training content is now just a click away!
In your fight against phishing and social engineering you can now deploy the best-in-class simulated phishing platform combined with the world's largest library of security awareness training content, including 1000+ interactive modules, videos, games, posters and newsletters.
You can now get access to our new ModStore Preview Portal to see our full library of security awareness content, where you can browse and search by title, category, language or topic.
The ModStore Preview includes:
- Interactive training modules
- Videos
- Trivia Games
- Posters and Artwork
- Newsletters and more!
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/security-awareness-training-preview-partner?partnerid=001a000001lWEoJAAW