For the last few months, ransomware has been making big headlines thanks to massive cyberattacks against major companies. Although it is only now making headlines, ransomware has been around for a long time. Ransomware, a type of malware, has traditionally been used to attack individual users, soliciting ransoms of a couple hundred dollars. Now, it’s targeting corporations, government agencies, police departments, and universities with ransoms for millions of dollars.
What is ransomware?
Malware is “malicious software” that causes harm to systems when it’s installed on devices. Ransomware locks up a device or its data once it is installed. Some types prevent you from using your computer’s basic functions, like your mouse or keyboard. Others encrypt files on your device so that users can no longer open their documents. Depending on the business, these files or systems may be essential to business operations. The attackers then demand a ransom as the price of restoring your computer, files, and systems.
Your device can be infected by ransomware in a few different ways. Some cybercriminals take advantage of vulnerabilities in software. For example, WannaCry, one of the most prevalent types of ransomware, targets a security vulnerability in Windows. Others gain access to devices through Remote Desktop Protocol, which gives a remote user control over the device.
Many attacks come through social engineering. This tactic uses deception to get sensitive information out of people for fraudulent purposes. By posing as people or institutions that are usually trusted, hackers take advantage of victims and gain access to their digital devices.
In this article, we’ll focus on how social engineering delivers ransomware to unsuspecting victims.
What is social engineering?
Social engineering plays on your inclination to trust. Cybercriminals try to create situations that will trick you into believing that you are dealing with someone you know or an institution you trust. After all, it’s much easier to get someone to let you into the castle than trying to pick the lock yourself.
Social engineering attacks may appear as an email from “your friend” or “your boss”. Often, cybercriminals use fake emergencies to get you to act quickly (and fall into their trap).
The most common social engineering scam is phishing. Phishing is the act of sending emails that look like they come from a trustworthy source. These emails often include links or attachments loaded with malware. If you click the link or download the attachment, malware infects your device.
Phishing attacks come in many flavors, including:
- Spear-phishing. More targeted than the typical phishing attack, spear-phishing uses personal details to make the attack look more legitimate.
- Whaling attacks specifically target executives or senior members of government agencies, hospitals, or universities. These attacks appear to come from another senior member of the organization or even the CEO.
- Smishing uses text messaging to carry out a phishing attack and infect mobile devices.
- Vishing uses fraudulent voicemails and directs you to return the call at a fraudulent number.
Other types of social engineering attacks
Other types of social engineering attacks include tech support scams, where hackers pose as an IT specialist and request remote access to your device. Once you give it to them, they take over your device and install ransomware or steal your personal information.
How social engineering delivers ransomware
Some of the most prominent ransomware attacks of the last few years have succeeded thanks to social engineering. 92% of malware is delivered by email, and over half of all malware attacks are ransomware attacks, further evidence that cybercriminals are leaning hard into social engineering.
Types of ransomware like Locky, Shade/Troldesh, and CryptoLocker all spread via email and malicious attachments.
How to prevent ransomware attacks
Regardless of the attack vector, it’s important to practice good cybersecurity at your organization to prevent cyberattacks. Since many attacks come at the expense of people who are too trusting, always err on the side of healthy suspicion.
- Slow down. If you get an email from your boss or someone else in the company that needs something urgently, especially login credentials or financial information, consider that a red flag. Double-check that the email actually came from them and look for spelling errors in the email address. Better yet, pick up the phone and call them. But don’t use the phone number in the email. Instead look for a number in your company directory.
- Be careful about clicking links in emails. Hover your mouse over the link to see where it actually leads before you click it.
- Watch out for unusual file type attachments.
- Never send login or financial information over email.
- Stay updated. Patch applications, browsers, plug-ins, and operating systems regularly, and keep your anti-virus software up to date.
- Use strong passwords. Update them frequently, and don’t use the same password for more than one account or system.
- Use multifactor authentication for an added layer of protection.
- Back up and encrypt your data and systems. Store the backups offline so you can access them in case of attack.
- Create a response plan in case of an attack. Disconnect infected devices as soon as possible to prevent the spread of ransomware to other parts of your network or business.
- Report any incidents of cyberattack–including phishing–to the FBI’s Internet Crime Complaint Center (IC3).
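The “hover before you click” and “look for spelling errors” advice above, turned into a small link scanner for an e-mail body. This is an added example and not code from the original article; the trusted company domains and the sample message are constructed assumptions. It flags anchors whose visible text names a different host than the real target, and targets that sit one character away from a domain the reader would expect.

```python
import re
from urllib.parse import urlparse

TRUSTED_DOMAINS = {"example.com", "intranet.example.com"}  # assumed company domains (placeholders)

# Constructed HTML body of a phishing-style message (sample data, not a real e-mail).
SAMPLE_EMAIL_HTML = """
<p>Your invoice: <a href="http://payroll-update.example.net/login">https://intranet.example.com/payroll</a></p>
<p>See the <a href="https://intranet.example.com/help">help page</a> for questions.</p>
<p>Or reset your password at <a href="http://examp1e.com/reset">example.com</a>.</p>
"""
# Anchor tags in flat HTML like the sample; real mail bodies deserve html.parser, not a regex.
_ANCHOR = re.compile(r'<a\s[^>]*?href="([^"]*)"[^>]*>(.*?)</a>', re.I | re.S)
# Visible link text that itself looks like a URL or a bare domain.
_URL_LIKE = re.compile(r"^(?:https?://)?[\w.-]+\.[a-z]{2,}(?:/\S*)?$", re.I)

def _host(value):
    """Lowercased hostname of a URL or bare domain ('' if none)."""
    value = value if "://" in value else "http://" + value
    return (urlparse(value).hostname or "").lower()

def _one_edit_apart(a, b):
    """True when a and b differ by exactly one substitution, insertion or deletion."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    for i in range(min(len(a), len(b))):
        if a[i] != b[i]:
            if len(a) == len(b):
                return a[i + 1:] == b[i + 1:]
            return a[i:] == b[i + 1:] or a[i + 1:] == b[i:]
    return True  # equal up to the shorter length, so only a trailing character differs

def check_links(html):
    """Return [(href, text, reason)] for links the 'hover before you click' rule would catch."""
    findings = []
    for href, text in _ANCHOR.findall(html):
        text = re.sub(r"<[^>]+>", "", text).strip()  # drop inline markup inside the anchor
        host = _host(href)
        trusted = any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)
        lookalike = next((d for d in TRUSTED_DOMAINS if _one_edit_apart(host, d)), None)
        if not trusted and lookalike:  # typo-squat of a domain the reader expects
            findings.append((href, text, f"host is one character away from {lookalike}"))
        elif _URL_LIKE.match(text) and _host(text) != host:  # displayed URL != real target
            findings.append((href, text, "visible text points to a different host"))
    return findings

if __name__ == "__main__":
    for href, text, reason in check_links(SAMPLE_EMAIL_HTML):
        print(f"{reason}: '{text}' -> {href}")
```

On the sample body the scanner reports the first and third links and leaves the genuine help-page link alone.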
You can’t be too careful in our digital world these days. Take steps to educate yourself about cybersecurity, particularly phishing. Knowing what social engineering is and what form these attacks take can help keep your devices safe from ransomware.