Tailored Ransomware Increases During COVID-19
There has been an increase in ransomware attacks amid the COVID-19 pandemic. Pre-Covid attackers were targeting individuals for small payouts. However, the ransomware attackers have changed tactics post-Covid, focusing on specific industries and individuals to generate better payouts.
Prior to Covid, the ransomware attacks were targeting individuals through emails by sending malicious attachments. Some systems may have had protection in place and that would filter out the messages, along with emails being deleted. Unfortunately, not everyone would have been lucky as there were victims who fell for phishing emails, some laced with Covid19 themes, peaking interest and leading the user to open them.
The pandemic forced businesses to go virtual and employees worked from home, and there were vulnerabilities in securing the infrastructure fully against cyberthreats for a number of organizations. Gaps like these provide cybercriminals the opportunity to target users on a global network and insert malware. Once files are encrypted it can affect a businesses global network, forcing ransom payment.
Should businesses not pay the ransom, attackers progress to extortion and blackmail tactics, which can include releasing the data publicly or launching a DDoS attack. Using such tactics as extortion is another way to blackmail organizations to pay ransom or else they are left suffering from a damaed reputation. The other option for threat actors is to DDoS the organization, which brings down critical services forcing the organization to pay the ransom to get the attack to stop.
Now that businesses are opening, some staff will continue to work from home whilst others will return to work. This is when attackers will continue to focus on employees working from home. This is an ideal opportunity for businesses to consider multi-layer cybersecurity in order to prevent advanced threats. It is to secure the IT infrastructure against employees opening email messages away from the office environment, to prevent security breaches such as ransomware. Also, by using practices such as multi layer cybersecurity, the importance of email filters to detect malicious messages and attachments before they reach the user’s inbox needs to be on the priority list of business.