Why ransomware spreads via phishing emails

Avatar

Ransomware is a type of malicious software (aka malware) that prevents users from accessing a device or system by locking screens or encrypting files and data. As its name suggests, the malware asks for a ransom in exchange for the decryption key.

According to a recent study conducted by security company SentinelOne, 39% of UK organisations were hit by ransomware – on average, five times – in the last 12 months. Fear of becoming the next victim is escalating: a Trend Micro report showed that 69% of professionals believed their organisation will be targeted in the next 12 months.

The phishing-ransomware relationship

The SentinelOne study also revealed how ransomware gained access to companies’ systems: 72% of UK organisations identified phishing via email or social networks as a source of ransomware infection. Why do cyber criminals use phishing as a vector for more sophisticated ransomware attacks? Here is a list of possible reasons:

  • Phishing uses social engineering tactics, which manipulate people into performing actions without realising the malicious purpose. The less aware the target is, the more successful the attack is.
  • If cyber criminals have a precise target in mind, the more carefully the email is crafted to look like it comes from a legitimate and trustworthy sender (a colleague, the bank or the government), the more likely it is that the recipient will swallow the bait.
  • In the event of a random ransomware attack (with no particular target), social media networks open up the widest audience possible. In these situations, posts about easy wins or too-good-to-be-true bargains are a simple way to lure inattentive or greedy users.
  • In both cases, the invitation to share the post or forward the email to colleagues widens the audience, and hence the number of possible victims.

Making sure your staff understand the risks phishing presents will make difference

Although ransomware and phishing attacks have been around for a few years, they are still relatively unknown or underestimated: 36% of UK office workers “could not confidently define a phishing attack” and 76% don’t know what ransomware is, according to ISACA. With a little education the risk of becoming a phishing victim can be much reduced and, hence, the threat from ransomware is also reduced).

More and more companies are identifying the value of a “staff awareness” to keep their employees awake to the risks prevalent each time the web is accessed or an e-mail received.

To buy Cyber Insurance is one way of protecting yourself. However, if you can, it is best to avoid a claim and the disruption that goes with it. BGi.uk have teamed up with CybSafe and now offer an online, staff training programme. Those businesses that adopt the programme benefit from generous discounts on their insurance premiums and you may also be eligible for free secure and guaranteed cloud based back up services.

Employees and contractors can learn anytime, from anywhere and on any platform, start and stop the course to match their (naturally) busy schedule and minimise business disruption, whilst providing your company with a particularly useful but inexpensive level of enhanced security.

To obtain a quotation for staff training and/or insurance please complete this enquiry form.

Our thanks to Marika Samarati for providing much of this information.