SOURCE: PhishMe

PhishMe

March 31, 2016 14:15 ET

PhishMe April Cybercrime Alert: Ransomware Attacks Expected to Increase

Cybersecurity Experts, Former Federal Law Enforcement Professionals Say Cryptocurrency, Digital Data and Vulnerable Employees May Fuel Largest Crimewave in Modern History

LEESBURG, VA--(Marketwired - Mar 31, 2016) - PhishMe Inc., the leading provider of human phishing defense solutions, today released its April Cybercrime Alert, warning all organizations that its threat researchers expect ransomware attacks to increase as cybercriminals become increasingly aware that:

  • Ransomware is readily-available and changes faster than detection technologies can respond
  • In most cases, paying the ransom is the only way to free hostage data and systems
  • Recent successful ransom situations will only encourage more attempts
  • Cryptocurrencies such as Bitcoin can be used to force untraceable ransom payments
  • Humans are widely susceptible to phishing, the most commonly used ransomware attack vector

Ransomware has existed for several years but has been primarily used to victimize unsuspecting consumers. However, as PhishMe has observed, hackers are now turning their focus from just private individuals to more lucrative targets such as businesses and government agencies as they employ unbreakable ransomware strains, including: Cryptowall, TeslaCrypt, Locky, Cerber, Troldesh and CTB-Locker. For detailed analysis, visit: http://phishme.com/ransomware-rising-criakl-osx-others/.

The most high-profile ransomware attacks the industry has experienced lately include:

  • OS X - Typically thought of as less vulnerable to viruses and malware, ransomware hackers are now successfully targeting OS X systems through sophisticated phishing emails that use KeRanger malware to encrypt the data on a computer and render it inaccessible until a ransom is paid in bitcoins
  • Hollywood Presbyterian Hospital - Using phishing to trick an unsuspecting employee, attackers seized the hospital's entire IT system, stalled critical healthcare related communications and extorted $17,000 in ransom
  • Plainfield, New Jersey - Using phishing emails targeted at employees researching grants, hackers compromised three servers before city officials were able to pull them offline, effectively locking up the town's files in order to receive a small sum until the officials turned to law enforcement for help
  • MedStar - News reports are now confirming that this is the latest in a series of phishing-related ransomware attacks on healthcare facilities; while it wasn't known at the time of this release if a ransom had been paid, media has said the facility confirmed that systems critical to patient care for thousands were locked for a time

Technology Layers Are Insufficient Defense: Arm Your Organization, Back Up Your Data
As ransomware attacks continue to grow in number and sophistication, organizations should reassess their current security strategy. There is a common misconception that adding layers of automated defense technologies will reduce the risk of falling victim to ransomware attacks. While endpoint security products and secure email gateways can offer some level of protection, sooner or later a phishing email, which is the most widely-used attack vector, will penetrate defenses and an employee will be faced with determining whether or not an email is legitimate or part of an attack. If human targets haven't received effective conditioning, they are 97 percent more likely to open an email and click on a malicious link or open a malware-laden file attachment that may unleash ransomware. To reduce your organization's odds of falling victim to ransomware, take the following key steps:

  • Conduct phishing attack simulations, based on real-world threats, that condition employees to recognize malicious emails
  • Assess your employees' susceptibility to phishing attacks, leverage industry benchmarks and comparisons that gauge the effectiveness of your defenses against peer groups
  • Provide employees with easy, fast and effective ways to report suspect emails to SOC teams and incident responders
  • Provide the incident response teams the tools to rapidly triage, analyze, and operationalize the aforementioned employee attack intelligence
  • Invest in access to phishing threat intelligence and analysis that is human vetted and analyzed by expert threat researchers
  • Backup your data appropriately; in many cases this could mean the difference between being forced into a ransom or simply sidestepping demands

By conditioning employees to recognize and report phishing threats, PhishMe asserts that organizations can build an effective final layer of defense against phishing attacks and ransomware. For more details on how to reduce phishing susceptibility, visit: http://phishme.com/enterprise-phishing-susceptibility-report/

Supporting Quotes:

"2016 is quickly shaping up to be the 'year of the ransomware attack,' which is not surprising, given the current state of information security and how organizations approach their overall defensive strategies.

"The combination of cryptocurrency, an increase in world-wide data connectivity, poor backup procedures, and employees who are ill-equipped to help defend against phishing attacks has led to the perfect storm for ransomware to succeed.

"Ransomware attacks have the potential to become the biggest crime in digital history. They threaten every major sector, from the healthcare industry to government agencies, drive unquantifiable financial losses and, in the case of healthcare, could have life and death implications."
- Rohyt Belani, PhishMe CEO and co-founder

"The most crucial element in any security strategy is one that is often overlooked -- the human. With ransomware on the rise and the primary targets being organizations in critical industries such as healthcare, it's become more important than ever to implement a human phishing defense solution and empower employees to instantly recognize these threats and report them. This is the only way to truly prevent hackers from completely shutting down critical systems."
- Aaron Higbee, PhishMe CTO and co-founder

"Digital crimes are too big for law enforcement to contain and ransomware is another straw added to a scenario where the camel's back is already broken. The only way organizations are going to have a shot at protecting themselves is by taking defensive steps that include preparing their humans to get involved in the fight.

More than 2,400 ransomware-related complaints were filed with the FBI in 2015 alone; and while the bureau estimates that ransomware has cost organizations more than $25 million, we know that in some cases more than $325 million has been fleeced."
- Jim Hansen, PhishMe COO, former federal law enforcement agent

"As it stands, ransomware is virtually impossible to defend against once it infiltrates networks. If an employee clicks on a phishing email that contains ransomware, it's only a matter of time before it spreads and shuts down entire systems and encrypts data. This puts companies in the difficult situation of losing access to critical information, such as medical records, or paying ransom. As additional malware families are added to the ransomware roster, it's imperative that companies work to prevent threats from ever breaking through their defense layers."
- Ronnie Tokazowski, PhishMe senior threat researcher

Connect with PhishMe

About PhishMe
PhishMe® is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today's top attack vector -- spear phishing. PhishMe's intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization's security decision making process. PhishMe's customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise. To learn more about PhishMe's human-powered, anti-phishing offerings, visit http://phishme.com/

Contact Information

  • Contact:
    Nicole¿ Pitaro
    Bhava Communications for PhishMe
    Email Contact
    (630) 532-8879