As many of us in the security field know, ransomware groups have been terrorizing people and organizations for over 15 years. The first modern ransomware appeared in 2005, and it has since evolved into the monster it is today. Now that major organizations are being hit, the Justice Department is taking action.
The Justice Department was able to recover most of the Bitcoin paid in the Colonial Pipeline attack. The effort was intended to warn other ransomware groups that their funds can be seized and to encourage victims to report ransomware attacks to authorities. The New York Times reported that the Director of the F.B.I. commented, “The F.B.I. (is) investigating 100 software variants used in ransomware attacks, demonstrating the scale of the problem.”
These continued attacks have everyone on their toes and wondering who is next. The first thing you can do to protect your organization from becoming a victim of a ransomware attack is to educate employees about the risks. A single compromised credential can be all an attacker needs to gain an initial foothold.
Here are a couple of reminders:
- Encourage IT to disable or remove inactive accounts from all systems, never allow shared accounts, and require multifactor authentication for all users.
- Educate ALL users on the dangers of every type of phishing attempt. This must include executives such as the CEO and CFO, who are the targets of whaling (phishing aimed specifically at senior staff).
- Continuously remind ALL users of password best practices and the consequences of not adhering to them.
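The first reminder above (inactive accounts, shared accounts, MFA for everyone) is easy to state and easy to let slide, so it helps to turn it into a recurring check. The script below is an added example written for this page, not code from the original post or from any product named in it. It audits a constructed sign-in log against a constructed account list: accounts with no sign-in for more than 90 days (or none at all) are flagged for disabling, accounts used from many different hosts in the window are flagged as probable shared accounts, and accounts missing from the MFA enrollment set are listed. The log format, the account and MFA sets, the 90-day and three-host thresholds, and the reference date are all assumptions for the example; in practice the input would come from your directory or identity provider's sign-in export.

```python
"""Account-hygiene audit: inactive, shared and non-MFA accounts.

Added example for this page, not from the original post. All data below is
constructed for illustration; the log format and thresholds are assumptions.
"""
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sign-in export: "<ISO-8601 UTC timestamp> <username> <source host>".
SIGNIN_LOG = """\
2021-06-01T08:12:03Z alice ws-alice
2021-06-28T09:01:44Z alice ws-alice
2021-03-02T17:45:10Z bob ws-bob
2021-06-27T07:30:00Z helpdesk ws-h1
2021-06-27T11:02:13Z helpdesk ws-h2
2021-06-28T13:15:49Z helpdesk ws-h3
2021-06-28T13:40:00Z helpdesk ws-h4
2021-06-29T06:55:31Z carol ws-carol
"""

# Constructed account inventory and MFA enrollment list (assumed inputs).
ALL_ACCOUNTS = {"alice", "bob", "carol", "dave", "helpdesk"}
MFA_ENROLLED = {"alice", "carol"}

# Assumed policy parameters.
NOW = datetime(2021, 6, 30, tzinfo=timezone.utc)   # fixed reference date so the example is reproducible
INACTIVE_DAYS = 90                                  # disable accounts idle longer than this
SHARED_HOST_THRESHOLD = 3                           # >= this many distinct hosts suggests a shared account


def parse_signins(text):
    """Yield (timestamp, user, host) tuples from the constructed log format."""
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        ts, user, host = line.split()
        # strptime is used rather than fromisoformat so the trailing 'Z' parses on older Pythons.
        when = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        yield when, user, host


def audit_accounts(log_text, accounts, mfa_enrolled, now=NOW,
                   inactive_days=INACTIVE_DAYS, shared_threshold=SHARED_HOST_THRESHOLD):
    """Return a dict of finding category -> set of usernames."""
    last_seen = {}
    hosts = defaultdict(set)
    for when, user, host in parse_signins(log_text):
        last_seen[user] = max(last_seen.get(user, when), when)
        hosts[user].add(host)

    cutoff = now - timedelta(days=inactive_days)
    findings = {"never_used": set(), "inactive": set(), "possibly_shared": set(), "no_mfa": set()}
    for user in accounts:
        if user not in last_seen:
            findings["never_used"].add(user)          # exists in the directory but never signs in
        elif last_seen[user] < cutoff:
            findings["inactive"].add(user)            # idle past the policy window
        if len(hosts[user]) >= shared_threshold:
            findings["possibly_shared"].add(user)     # one identity, many workstations
        if user not in mfa_enrolled:
            findings["no_mfa"].add(user)              # MFA should be required for all users
    return findings


if __name__ == "__main__":
    for category, users in audit_accounts(SIGNIN_LOG, ALL_ACCOUNTS, MFA_ENROLLED).items():
        print(f"{category:16s} {', '.join(sorted(users)) or '-'}")
```

Run it as-is to see the report for the constructed data; to use it for real, replace `SIGNIN_LOG`, `ALL_ACCOUNTS` and `MFA_ENROLLED` with exports from your identity provider and schedule it to run weekly. The shared-account heuristic is deliberately coarse (a roaming admin will also trip it), so treat that category as a list to review, not to auto-disable.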