Ransomware Attacks; an Unforgiving Evil
As highlighted in our previous blog “A world of remote workers - Every cyber criminal’s dream.” Cyber criminals are ramping up their attacks against organisations who are rushing to move their operations and staff online in reaction to the current Covid-19 pandemic.
A spike in ransomware deployments was found during the first two weeks of April 2020. The ransomware attacked agencies such as government, medical, aid, educational, transport and healthcare.
Evidence found by Microsoft showed that all of these attacks had previous to the Covid-19 pandemic gained persistence on the networks. This means that ransomware groups were already inside these networks but chose to deploy ransomware during a time when critical infrastructure was at their most needed and stretched. Nothing can be more damning of a ransomware group than choosing this time to highlight the total disregard for critical services and the impact caused during this time of crisis.
It appears that these attacks were spread via phishing campaigns. Phishing is one of the most commonly known and used forms of a cyber attack, where hackers send targeted malicious emails pretending to be from trusted sources. Once a payload of a phishing campaign is executed it is possible for an attacker to gain persistence on the network.
It can be challenging to completely eradicate ransomware from a fully compromised network which is why we see it as critical that all internet-facing systems are regularly patched and mitigations are put in place to reduce the risk of spread across networks. This can include the introduction of air gaps and separation on the network, ensuring systems are effectively segmented so the attack cannot spread, much like the social distancing we are observing.
How Can We Help?
We offer a wide range of services which are tailored to your requirements. We can help you prepare for the worst-case scenario by simulating threats to your organisation via each service line. We can help improve your cyber security posture increasing your resilience to breach. We offer simulated phishing campaigns to highlight cyber security awareness within your organisation and demonstrate how a breach may occur.
Should you ever be on the unfortunate end of a cyber attack our in-depth knowledge and Incident Response service will have your organisation ransomware free and up and running in no time.
Partner with us today, our experienced consultants will go the extra mile to ensure your organisation stays secure during these testing times.
- Validate security controls implemented
- Receive a prioritised list of your risks based on their exploitability and impact
- Receive expert and effective advice to immediately improve your cyber security posture
- Understand how uncovered issues will affect your organisation and operations
- Recover from cyber attacks
Secora Consulting was set up to assist organisations with their cyber security requirements. We understand the challenges many companies are currently facing are unprecedented. Our goal is to improve your cyber security operations, providing peace of mind in this ever-evolving threat landscape.
If you have any questions or are unsure if the steps you are taking to help keep your organisation secure during this period, please reach out to us. Our team is available at firstname.lastname@example.org or over the phone on 00353 (0) 1 517 6200.
All of Secora Consulting's assessments are tailored to our client's needs.
Using our experience, we can help you determine which services are right for you.
We have arranged our services into four groups based on the objective of the tests.