Don’t Take the Bait! Phishing Scams Drive Most Recent Wave of Global Ransomware Attacks


The Wall Street Journal and many other news outlets are reporting massive global ransomware attacks today (May 12, 2017). This series of cyberattacks is freezing computer systems and disrupting businesses, including more than a dozen hospitals and health facilities in England and Spain. The malware, known as WannaCry or Wanna Decryptor, targets vulnerabilities in Microsoft Windows systems associated with a March 14th patch.

Beyond the disruption caused by this malware, some companies ultimately pay “ransom” to recover their computer systems.   Last year, Hollywood Presbyterian Medical Center in Los Angeles paid $17,000 to unlock files after an attack that crippled a large portion of its computer systems.  So, if the disruption, lost staff hours, and frustrations aren’t enough, some companies are also paying a ransom to restore their computer systems.

Kaspersky Labs, an antivirus vendor, said the malware has shown up in 74 countries but Russia has taken the brunt of the attacks.  Antivirus vendor Avast says it has detected the malware in more than 57,000 samples.




How are companies exposed to these malware attacks? Typically, this occurs when hackers trick someone into opening what appears to be a legitimate or innocuous file that contains the malicious software. This is called phishing. In this scenario, the computer of the person who opened the file is corrupted. But the fun doesn’t stop there. WannaCry is also a worm, so it will infect all other computers on the user’s network that aren’t protected against the vulnerability.

How can you help your company minimize this risk?  Provide anti-phishing and safe computing training to all your staff.  It’s harder to get caught with malware or ransomware if you don’t take the bait in the first place.


Has this article made you think about your current cybersecurity or data privacy training program?  Do you have questions about your current compliance training program? Contact us and we can work with you to make recommendations to augment and/or improve your current offering.

Syntrio is a leader in both the ethics and compliance field, as well as human resources and employment law, and is prepared to help your company implement a compliance program aimed at reducing the potential impact of compliance violations within the organization. Syntrio takes an innovative philosophy towards compliance program design and strives to engineer engaging, entertaining, and thought-provoking content. Contact www.syntrio.com for more information about our ethics and code of conduct online courses and remember to follow us on Facebook, Twitter, Google Plus and LinkedIn for daily updates on employment law and compliance that impact your company!

 

Written by Darin Hartley, Director of Marketing, Syntrio, Inc.

Posted in Code of Conduct, Compliance Training, Cybersecurity, Sexual Harassment.