Don't click on ransomware disguised as political ads

Remote work and social media have made it easier for businesses to be impacted by security breaches. Here's why, and how organizations can protect themselves.

election-democrat-republican-red-blue.jpg

Image: Getty Images

During the political season, businesses need to be more diligent than ever to keep unsuspecting employees from being led into a phishing attack through election-themed social media content.

There's a huge risk for the enterprise as this new evolving threat landscape threatens businesses as employees are hungry for news on election results and updates. Fortunately, there are steps that businesses can take to protect themselves, and their employees. 

SEE: Security Awareness and Training policy (TechRepublic Premium)

"I think what we're seeing is number one, the global pandemic has many more people working from home, which means all these millions of corporate devices have left the corporate firewall. And in the meantime, we're also in the middle of this presidential election, which is driving a tremendous amount of social interaction, whether it's email or social networking interaction, which presents a great opportunity for phishing attacks and the intrusion of ransomware while these devices are outside the enterprise firewall," said Doug Matthews, vice president of enterprise data protection and compliance at Veritas. 

Matthews described it as a "perfect storm" of devices that have left their areas of protection, and employers need to make sure that employees are fully aware that this is a threat and that the company has a security policy to protect devices from such threats.

Ransomware attacks on the rise

The need for such awareness is crucial because the number of ransomware attacks are increasing. In July through September, the daily average of ransomware attacks worldwide grew by 50% compared to the first half of 2020. In the US, attacks doubled over the same period, which makes the US the most targeted country for ransomware, according to an article by TechRepublic's Lance Whitney.

The first death directly related to a ransomware attack was reported in Germany in September, as reported by Catalin Cimpanu at ZDNet.

In another article by TechRepublic's Whitney, he pointed out that among the 187.9 million ransomware attacks reported by Statista for 2019, 67% of them were initiated by spam and phishing emails and 16% because of malicious websites, and 16% due to clickbait.

Consumers blame companies for security breaches

It's more important than ever for the enterprise to stop ransomware because customers are now blaming the company, not the hacker. 

Veritas recently conducted a survey to find out the impact ransomware has on companies. It showed that one error made by an employee,  such as falling for an election-themed phishing attack, could significantly harm the entire business. 

The survey found:

  • 80% of consumers already expect companies to have security software in place
  • 61% of consumers fully expect that companies will have tested backup in place
  • 37% of respondents hold CEOs personally accountable if employees cause ransomware
  • 43% of consumers would stop working with companies if they are exposed to a data breach.

Matthews said: "One of the things that's kind of interesting is that 65% say that they should be financially compensated if their data cannot be retrieved. So not only are you risking your corporate reputation, your ongoing business, but there is the potential that people may come back at you with lawsuits and expect some kind of recompense for the activity."

SEE: Special report: A winning strategy for cybersecurity (free PDF) (TechRepublic)

How companies can protect their data

There is one main strategy that will help businesses protect themselves from ransomware threats. 

"The simplest thing to do is there's what we call three, two, one. So it's three copies of your data, and stream that, so it's at least two separate locations. And one, that is absolutely a 100% air-gapped offsite," Matthews said. "It's a simple strategy and solution that does work and ensures that you have a copy of your data when the time is right. For a large enterprise, they also need to ensure that they have considered the ability to know how long it's going to take for them. So considering the recovery of a large enterprise data center data set, and at scale very rapidly."

This article was updated on Nov. 5, 2020.

Also see