A Weekend in Incident Response #33: Security Awareness Training Can Help Protect Organizations Against Ransomware Attacks

With the damage done by the WannaCry and Petya (also known as GoldenEye) ransomware attacks over the last two months in mind, it is safe to assume that organizations that are potential targets of cyber criminals should move to enhance their resilience to these types of attacks. There are various actions that businesses and government institutions can take to escape unscathed from this global ransomware epidemic.

Aside from using sophisticated tools designed to detect and remove ransomware, employees themselves are an important piece of the puzzle when it comes to defending against targeted cyber-attacks. Raising employee awareness of cybersecurity can go a long way towards improving an organization's ability to avoid damage from cyber incidents, because staff are often cited as one of the weakest links in cyber defenses.

Employees, the First Line of Defense Against Ransomware

One of the reasons organizations need to raise cybersecurity awareness among their staff is that ransomware usually finds its way into IT systems through a phishing email opened by an employee. The main risk stems from the fact that most employees are not well-versed in distinguishing legitimate emails from fake ones that aim to install malicious software on their computers, which is done in one of two ways. One way is to include a call to action prompting recipients to download an attachment that contains malware. Once that file is installed on the computer, the malware effectively disables the computer, preventing the user from accessing it or from opening certain essential files.

The other way involves emails providing a URL that recipients are supposed to click, with the URL crafted to resemble that of a popular and well-known website. That way, recipients do not suspect anything is wrong with the website the email prompts them to visit, but once they click the malicious URL and reach that website, malware is installed on their computer.

After a piece of malware is installed on a computer, it can spread to the other computers that machine is connected to, infecting them and blocking access across the entire network.

Tackle Social Engineering Through Education

Organizations can reduce the risk of being hit by a ransomware attack by educating employees about the methods used in these scams, which rely heavily on social engineering that exploits certain psychological weaknesses. By making employees more aware of the most common ransomware schemes, and of the fact that they play one of the key roles in their organization's cyber defense, the chances of preventing attacks can be greatly increased.

Cyber security professionals need to train all employees to detect ransomware scams by pointing out that they need to pay extra attention to detail when receiving emails from an unknown sender or with suspicious content. The most important details employees should check are the display name of the sender, the salutation, and whether an email contains an attachment they are not expecting.
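The same three details can also be turned into mail-gateway heuristics that back up the training. The following is an added example, not code from the original article: it runs the checklist over a constructed message with a display name claiming a different domain than the real sender, a generic salutation and a script attachment; the extension and salutation lists are assumptions chosen for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: spoofed display name, generic salutation, script attachment.
SAMPLE = """\
From: "it-support@example-corp.com" <billing@mail-notify.example.net>
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Dear Customer,
Please open the attached invoice and confirm payment today.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="invoice.js"

placeholder-bytes-not-a-real-script
--b1--
"""
# Assumption: illustrative lists for the example, not an authoritative set.
RISKY_EXTENSIONS = {".exe", ".js", ".vbs", ".scr", ".hta", ".docm", ".xlsm", ".zip"}
GENERIC_SALUTATIONS = ("dear customer", "dear user", "dear employee", "hello,", "hi,")

def check_message(raw: str, internal_domain: str) -> list[str]:
    """Return warnings for one RFC 5322 message, mirroring the article's checklist."""
    msg = message_from_string(raw)
    warnings = []
    # 1. Display name that itself looks like an address on a different domain.
    display_name, address = parseaddr(msg.get("From", ""))
    sender_domain = address.rsplit("@", 1)[-1].lower() if "@" in address else ""
    if "@" in display_name:
        claimed = display_name.rsplit("@", 1)[-1].lower()
        if claimed != sender_domain:
            warnings.append(f"display name claims {claimed!r} but sender is {address!r}")
    # 2. Generic salutation on the first non-empty line of the plain-text body.
    body = ""
    for part in msg.walk():
        if part.get_content_type() == "text/plain" and not part.get_filename():
            body = part.get_payload(decode=True).decode("utf-8", "replace")
            break
    first = next((ln.strip().lower() for ln in body.splitlines() if ln.strip()), "")
    if first.startswith(GENERIC_SALUTATIONS):
        warnings.append(f"generic salutation: {first!r}")
    # 3. "Unexpected" is a human call, so flag risky types and external senders.
    for part in msg.walk():
        name = part.get_filename()
        if name and name.lower().endswith(tuple(RISKY_EXTENSIONS)):
            warnings.append(f"risky attachment type: {name!r}")
        elif name and sender_domain != internal_domain.lower():
            warnings.append(f"attachment from external sender: {name!r}")
    return warnings
```

Running `check_message(SAMPLE, "example-corp.com")` yields one warning for each of the three details; a plain internal message with a personal salutation and no attachment yields none.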

Employee education is paramount when it comes to defending against ransomware attacks, and organizations need to invest more time and resources into this increasingly important aspect of cybersecurity.