Episode 4 – Let’s Go Phishing for Ransomware
Shankar Radhakrishnan, Founder of Skedler, recently sat down with the CEO of TCE Strategy, Bryce Austin, who is a Cyber Security Expert and Professional Speaker as well as the author of the book Secure Enough? 20 Questions on Cybersecurity. The topic of the discussion, phishing for ransomware, is incredibly important as many organizations and individuals around the world are exposed to the perils of phishing and ransomware attacks daily. Bryce was able to detail why hackers target individual accounts and what best practices organizations can employ to proactively mitigate attacks or handle the fallout after a phishing and ransomware attack.
[video_embed video=”I5ys5nOowTo” parameters=”” mp4=”” ogv=”” placeholder=”” width=”700″ height=”400″]
Top Phishing Scenarios That Organizations Face
A recent report found that 64% of organizations have experienced a phishing attack in the past year. Research by IBM reveals that 59% of ransomware attacks originate with phishing emails and a remarkable 91% of all malware is delivered by email. This tells us that more users are seeing attacks, but since they are not trained in how to spot or handle them, they become a victim of them. With the volume and variety of phishing attacks on the rise, many organizations are struggling to keep up with the barrage of ransomware attacks that are constantly hitting their networks.
In order to combat these terrible attacks, we must first understand what they are and what their purpose is. Bryce explains that “phishing comes in many forms. It can be a vague email. It could be from someone you know. It could be from someone you know who says ‘I thought you might find this link interesting,’ and it tries to get you to click on a weblink.” Bryce goes on to detail how “it could [also] state ‘please see the file for the next, new, exciting thing in technology.’ Something vague and nondescript.” This is an incredibly important aspect of these attacks since many people open emails that interest them, even if they don’t know the sender. Once the individual clicks through, the hacker has everything they need in order to obtain remote access to the user’s desktop or copy their address book to carry out a phishing attack of epic proportions.
Best Practices For Safeguarding Your Company From Phishing Attacks
First and foremost, cybercriminals are interested in money. If they think that there is a reasonable chance of them getting money from a user or company, they will try. This is why, Bryce explains that “one of the biggest things you can do is to have cybersecurity awareness training for yourself and for anyone in your company.” In essence, Bryce tells us that, “Cybersecurity awareness training is cybersecurity 101. It’s the basics of what these phishing scams look like. That is far and above the #1 way to prevent it.”
Too often, employees aren’t familiar with the signs of ransomware and therefore make their companies vulnerable to attacks. This is why, to mitigate the risk of a phishing or ransomware attack, it’s imperative to provide regular and mandatory cyber security training to ensure all employees can spot and avoid a potential phishing scam in their inbox. You also need to look into endpoint detection and ensure that you have built a really strong security posture. This will give everyone from your frontline employees to your executives the tools they need to successfully squash a phishing attack in its tracks before it becomes a catastrophe.
Best Practices For Post-Phishing Attacks
If a threat actor successfully phishes an employee, it can provide them with access to the company’s entire network of resources. Bryce explains that “if a phishing attack is successful, it inherits whatever abilities the user has.” This means that a single phishing attack can provide a hacker with access to the organization’s sensitive financial and intellectual property data which can be devastating.
To combat the spread of a phishing attack once it has already made its way into your network, Bryce explains that a huge mitigating step is to “proactively remove local administrator rights so that users don’t log in as a local admin at the company.” This is similar to throwing sand on a roaring fire pit. It doesn’t undo what has already happened, but it can keep the damage from getting out of hand.
Don’t forget to subscribe and review us because we want to help others like you improve their IT operations, security operations and streamline business operations. If you want to learn more about Skedler and how we can help you just go to Skedler.com where you’ll find tons of information on Kibana, Grafana, and Elastic Stack reporting. You can also download a free trial at skedler.com/download so you can see how it all works. Thanks for joining. We hope you will tune in to our next episode!