How has Coronavirus affected ransomware this year? You may have expected it to go down, with less people going into work there are less people in offices to spread the ransomware, right? Well it turns out that is definitely not the case.
In a recent study ransomware attacks have increased by 72% during the pandemic, targeting people working from home with the aim to infiltrate networks from home devices. From our own experience, we also noticed a spike in cryptolocker reports once people started coming back into their offices, presumably a result of infected devices being brought into work after being compromised at home.
Ransomware attackers are using many new lures to hit their victims, taking advantage of the pandemic. Some of these ransomware lures include:
- Emails from “government addresses” offering financial aid during lockdown.
- Offering information about masks, sanitiser and vaccines.
- Stating there are important updates for applications such as Microsoft Teams and Slack.
- Offering free downloads of high-demand tech solutions like Zoom and other video conferencing technologies.
Attacks like these are why it is increasingly important to not only train your staff in how to be aware of these threats, but also to have security measures in place across all devices used for work, even when people are working from home.
Who are the main targets of ransomware during the pandemic?
In short, everyone is always a potential target for ransomware attackers, but in particular there has been a noted increase in sectors such as healthcare companies and research labs. Attackers know that these companies are extremely valuable at the moment and are under a lot of pressure which, unfortunately, these morally corrupt attackers are taking advantage of.
On top of this small businesses are also under fire, typically with a “spray and pray” technique where attackers are sending out thousands of emails hoping to get a hit. Again, these are looking to be more successful now that more people are working from home.
Finally, large businesses are still under attack from hacking organisations. Notably, a Russian plot against Elon Musk’s Tesla was foiled in August. This was an elaborate scheme in which a Russian organisation targeted a Russian speaking employee for Tesla, befriended him and eventually tried to lure him to their side with a promise of huge financial gain should he help plant ransomware on the company. He was promised that he would be backed up with a denial of service attack at the same time to protect his identity, but even with this alluring offer the worker reported this to Tesla, who in turn got the FBI involved. Eventually they acquired evidence, arresting the Russian just before he escaped the country.
This just goes to show that no one is completely safe from these attacks, with hackers getting smarter and employing more deplorable methods for their attacks.
What can we do to stop ransomware attacks?
On top of the previously mentioned staff training, I also mentioned security for devices. This can be difficult with so many machines to manage, but using security software with a patch management system, such as that included with Panda.
Ideally, however, we would be aiming to minimise the risk in the first place. Ransomware is most commonly disguised in phishing emails, as discussed above. A cloud email filtering system can prevent this threat. Mailhive works prior to your internet gateway to block advanced phishing, spam, malware, viruses and much more before it reaches your networks or computers and passes only good email to your inbox.
On top of this all machines should be backed up offsite as regularly as possible at the moment, especially with so many “sites” being people’s own homes. It’s no good someone at a company keeping all their data on one laptop as this can quickly lead to data loss should the laptop be stolen, damaged, or infected with ransomware. Small businesses should make use of backup software such as Datahive or an enterprise solution like Veeam.
If you have any questions about ransomware, security or backup, please feel free to get in contact and we will be happy to help.