User Vigilance Critical to Preventing Ransomware Attacks

  • By: The JAIC

Ransomware attacks hit a new level in 2019 and are likely to increase again in 2020, according to the most recent McAfee Labs Threats Report.

Ransomware attacks rely on malware to target, infiltrate, and lock up an organization’s critical data and systems. The malicious actors then demand a ransom payment in exchange for providing the victim with the means to regain access to their own data and systems.

Between 2018 and 2019, the number of ransomware attacks more than doubled, increasing 118 percent. Even worse, researchers at McAfee Labs reported that hackers have invented new ransomware families that rely on previously unseen techniques to target organizations.

Ransomware doesn’t only involve money and access. Victims that pay the ransom often find that their recovered files and systems have been further infected with other types of malware that can corrupt other parts of their infrastructure. Those targets that don't pay the ransom because they have effective backups in place are also harmed, as their captured files and data are probably going to be released and sold on the Dark Web.

Ransomware isn’t just a concern for security staff and executives. Frontline users are the primary target, making ransomware everybody’s concern. Consider these other statistics from the McAfee Labs report: 68 percent of targeted attacks utilized email-based phishing for initial access and 77 percent of attacks relied upon user actions for campaign execution.

To act as the organization’s first line of defense and successfully guard against attempted ransomware attacks, take the following steps:

1) Be highly vigilant with your email. Pay close attention to each incoming email, taking note not only of the sender but also their email address, the subject line, and the signature block. Be suspicious if you see weird misspellings or sentence structures. Hover over any links to view the embedded URL and make sure the address matches the subject matter at hand. And, NEVER click on links that you are unfamiliar with or open attachments from unknown sources.

2) Think twice before downloading files or applications from the Web. This is especially relevant for developers who use GitHub and other code repositories, which are favorite places for hackers to implant malicious code.

3) Never disclose your password. Don’t store it on or in your computer and don’t reveal it to others.

4) Always work on the organization’s network drives. When working off-site, use your government-furnished laptop in tandem with your Virtual Private Network (VPN) connection so all of your files and work product are backed up regularly.

5) Act immediately if you accidentally click on a bad link or open an executable file. It’s always better to assume a security breach and act accordingly than to wait and try to confirm that something bad has happened.

Did You Know?

Artificial Intelligence, modeling and simulation, algorithms, and swarm software are now among the top targeted technologies by foreign intelligence adversaries, according to the Defense Counterintelligence and Security Agency (DCSA).