Do you believe that ransomware is no longer as dangerous as it was in May and June 2017 when NotPetya and WannaCry attacked numerous companies? Perhaps you hope that your organization is immune to cyberattacks originating from phishing emails? Maybe you are convinced that technical solutions have overtaken the techniques used by cybercriminals? Do you think that attacks only affect North America? Or only CAC40 companies?
That's not the case!
Resurgence of ransomware attacks
Indeed, as ANSSI points out in a communication dated January 31, 2019, excerpts of which are provided below:
The end of 2018 and the beginning of 2019 have been marked by an unprecedented surge in ransomware attacks. These include both ransomware that has been around for several years and new types, such as Anatova and LockerGoga, for example. Globally, infections by this type of code occur several times a day. The majority of victims are located mainly in the United States and Europe. France has recently been targeted by the Shade and Anatova ransomware programs. "[...] This profusion of attacks is facilitated by the sale of 'ready-to-use' ransomware (Ransomware-as-a-Service, RaaS) on the Internet, such as GandCrab, Ryuk, SamSam, Dharma, etc."
Current ransomware also has advanced capabilities that allow it to:
– run with administrator account privileges (SamSam);
– use authentication certificates signed by a certification authority (this is the case with LockerGoga, for example);
– bypass antivirus solutions (notably SamSam and Ryuk).
According to ANSSI: ransom amounts are increasing
Traditionally, ransoms demanded by cybercriminals rarely exceeded €10,000.
It is therefore important for all stakeholders (SMEs, healthcare institutions, mid-sized companies, etc.) to be aware that they are likely to be asked to pay a ransom based on their financial situation, ranging from €35,000 to €130,000.
How to deal with ransomware cyberattacks?
Consequently, here are the three recommendations from ANSSI to protect your organization from ransomware:
– Ensure a good overall level of security for your information system.
– Raise user awareness.
– Perform backups.
You can find details of these recommendations here: https://www.cert.ssi.gouv.fr/information/CERTFR-2017-INF-001/
Avant de Cliquer helps you comply with ANSSI's second recommendation: raising user awareness of cybersecurity.
Avant de Cliquer helps organizations protect themselves from cyberattacks (80% of which originate from phishing) by raising awareness and testing each user over time according to their risk profile.
Would you like to learn more about how to protect yourself from phishing in your organization?
It's high time to raise your users' awareness of phishing so that they avoid making that initial click, the one click too many that could allow a cybercriminal to infiltrate your infrastructure.















