Ransomware’s Greatest Adversary? End User Security Awareness
Date: Oct 5, 2016
October is National Cyber Security Awareness Month in the US, and it puts the spotlight firmly on the critical role that End User Security Awareness Training plays in the war against today’s ransomware epidemic.
Here are two great sources of information if you need to get budget approval for Security Awareness Training.
First is an article that explains how ransomware causes downtime, sometimes for a whole organisation, and how to boost end user security awareness. This was written by a large US insurance / reinsurance company:
The article states that a typical ransomware incident plays out like this: an employee receives an e-mail containing a legitimate-looking file attachment or a link to a URL. Opening that file or clicking on that link installs malware on the computer. The malware then searches for and encrypts files and folders on local drives, attached drives, backup drives and potentially other networked devices.
Phishing attacks, which use spoofed e-mail messages and links that appear to come from a known or trusted individual or business, are a common channel for ransomware to infect a network.
There are other ways malware can infiltrate a computer network. In most instances, the ransomware is automatically downloaded when an employee clicks on a malicious website or a website that has been hacked. Yes, by simply browsing a website, malicious code can be transferred to the end user’s computer. In other instances, the malware is bundled with other software that is downloaded.
“Every employee needs to be aware how their individual actions can unleash a cyber situation.”
The second great source is the US Department of Homeland Security (DHS) website, which has lots of tools and tips. In their words:
“October is National Cyber Security Awareness Month which is an annual campaign to raise awareness about cybersecurity. We live in a world that is more connected than ever before. The Internet touches almost all aspects of everyone’s daily life, whether we realize it or not.
National Cyber Security Awareness Month (NCSAM) is designed to engage and educate public and private sector partners through events and initiatives to raise awareness about cybersecurity, provide them with tools and resources needed to stay safe online, and increase the resiliency of the Nation in the event of a cyber incident.”