Email Security Blog

Ransomware – Exploring the Top Phishing Attacks of 2016

Nikki Tyson June 9, 2016 Cybercrime
Fallback Featured Image

On both the enterprise and consumer side, ransomware is a rapidly growing form of malware that effectively holds a user’s device or files at electronic gunpoint.

Ransomware infects a machine and renders it unusable until a ransom is paid to either unlock the computer or decrypt the data. Levels of attacks can vary and often it uses scare tactics, deadlines and intimidation to trick victims into paying up.

In recent months, most ransomware has been distributed via attachments in emails. Though ransomware threats can be advanced, its efficiency hinges on two factors: tricking people into clicking on malicious content and banking on them not having advanced threat protection.

  • University of Calgary announced this week that they had paid a ransom of $20,000 CDN, a week after an initial attack which targeted staff and faculty emails.
  • The Hollywood Presbyterian Medical Center, a Los Angeles-based hospital, had its computers taken hostage by a piece of ransomware called Locky. After being offline for a week, officials eventually had to pay $17,000 in Bitcoin to regain access to patient records. MedStar Health and a hospital in Kentucky were recently hit with similar attacks.
  • Lansing Board of Water & Light, an American public utility, recently became the first example of a utility being successfully compromised by ransomware which took the company’s internal computer systems offline. The attack took place when one of the company’s employees opened a malicious email attachment.

Ransomware Countermeasures
The best defense against this increasingly popular cyber crime is a good offense. Operating systems, firmware, software and applications need to be patched and remain up-to-date to limit the vulnerabilities that are available for criminals to exploit.

In addition, organizations should prepare for the worst by backing-up systems regularly and investing in cyber insurance so that the business can make a full recovery in the event of a ransomware incident.

Download Agari’s executive brief on the Top Phishing Attacks of 2016 to learn more about best practices to stopping phishing attacks.

You can also check out the other posts in the Top Phishing Scams series:

Leave a Reply

Your email will not be published. All fields are required.

February 14, 2019 Crane Hassold

Scarlet Widow Breaks Hearts and Empties Wallets via Romance Scam Operations

February 5, 2019 Ronnie Tokazowski

BEC Actors Exploiting Gmail “Dot Accounts” for Fun and Profit

December 6, 2018 Crane Hassold

How an Elite Counterintelligence Team Investigates BEC Scams Worldwide

November 28, 2018 Crane Hassold

Why Just Play Defense Against Cybercriminals When You Can Do So Much More?

February 22, 2018 John Wilson

Email Phishing Scam Continues to Target College Students

mobile image