Paying Ransomware Demands Can Be Illegal

If you are targeted by hackers with ransomware and decide to pay the ransom to get your data back, you might be investigated by the government. The current regulations come from the International Emergency Economic Powers Act and the Trading With the Enemy Act. These essentially make it illegal for companies and individuals to pay hackers who appear on the Office of Foreign Assets Control's (OFAC's) list of cyber terrorists. This also applies to anyone who pays on behalf of a client, such as a cyber insurance company.

According to a memo released by OFAC, “[organizations] are generally prohibited from engaging in transactions, directly or indirectly, with individuals or entities on OFAC’s Specially Designated Nationals and Blocked Persons List, other blocked persons, and those covered by extensive country or region embargoes.” This can include organizations that are not themselves on the list.

Cyber criminals started with individuals, but as they made more and more money they were able to refine their process. They are now targeting entities such as banks, hospitals, legal firms, and schools. Some cyber criminals have taken it a step further and created ransomware as a service. In these cases, the ransomware variant is rented out to an affiliate, and the owner is given a cut of the ransom. It’s very sinister, and it doesn’t seem to be getting better.

In 2020 the total amount paid for ransomware attacks increased more than 300% when compared to the previous year. This amounts to a nearly $350 million payday for the bad guys. To make matters even worse, the actual numbers are likely a lot higher due to underreporting.

It may seem important to pay the ransom in order to retrieve your data and/or make sure that it doesn’t get released to the public, but in some cases the sanctions you may face will cost more than the demands. In many cases making a payment only escalates the situation. In others, the criminals don’t even make good on their promises to return stolen data or provide decryption keys.

Don’t Become a Victim:

Endpoint Security

Most ransomware attacks start with a single workstation or server. All your machines need to be secured with endpoint security that can protect your organization from all cyber threats, not just ransomware.

Awareness Training

Having employees who are conscious of their role in an organization’s information security is extremely important. Deploying the right awareness training will help mitigate and even prevent ransomware attacks.

Backups

Technically, you will still be a victim if ransomware is deployed on your network. Having a solid, tested backup solution can help you avoid major disruptions and keep you from having to negotiate with terrorists.

Policies & Procedures

Almost every single victim of ransomware lacks the proper policies and procedures to secure their organization. This failure to prioritize information security often leads to a damaged reputation, lost revenue, bankruptcy, and, in some cases, organizations closing their doors for good.

Policies & Procedures

Traditional solutions don’t fit most organizations’ environments, and they aren’t agile enough to keep up with the evolving threat landscape. This leads to problems that can be traced back to poor implementation, or the complete absence, of modern policies and procedures. Don’t make the same mistakes. Allow us to connect you with our partner today.

Phishing Sites Use CAPTCHA to Avoid Detection

An increasing number of phishing websites are using a CAPTCHA in order to appear legitimate. For those unfamiliar with the term, a CAPTCHA is a security feature that helps identify the user as a human rather than a bot. This helps websites avoid hundreds to thousands of automated requests. Because so many major brands use them on their websites, CAPTCHAs are becoming synonymous with legitimacy.

There are two reasons why phishing sites may be doing this. Adding a CAPTCHA can help evade automated systems designed to detect phishing websites, since the scanner is presented with the challenge page instead of the phishing content. It also makes the site seem legitimate, because users associate a CAPTCHA with a secure website. This can lead to users creating accounts on fraudulent websites and risking their personal information.

Seems difficult to do, right? Google makes it easy to get a reCAPTCHA (Google’s version of CAPTCHA), requiring only that the site owner sign up with Google. The owner then receives an API key, which can be added to any website. Until Google analyzes these requests more closely, it’s easy for scammers to use them to create a false sense of security.

Having the right awareness training program can help employees identify phishing sites and emails. Many data breaches are a direct result of a simple phishing attack.

Awareness Training

It’s time for a training solution that is easy to understand, deeply engaging, remarkably consistent, and to-the-point. You’ll maintain productivity while keeping information security top-of-mind. Click on the button below to get started with our partner providing awareness training with an unmatched value.

Employee Information Not as Protected as Customer Data

H&M Group, a Swedish company specializing in apparel, was recently fined over forty million dollars because it collected excessive personal data on its employees and failed to protect that information. Some of the information collected was medical information, religious affiliation, and whether employees had troubles at home. Besides those questions being completely inappropriate, H&M failed to protect that data once it was put into their system, leaving it available to numerous managers in the company. What’s even worse is that some of that information directly influenced employee performance reviews.

None of this would have come to light if the company hadn’t experienced a data breach. The breach, which lasted only several hours, made the information widely available to anyone. The exposure was caused by a configuration error.

Steps were taken to fix the issue, including the replacement of managers, training on data security and labor laws, and the implementation of a data protection coordinator. However, it’s yet to be seen if H&M will continue with these changes or give up once they are out of the spotlight.

Poor information security has real-world impacts, and there are no excuses. Events like this can be easily avoided. Organizations always seem to think that cyber attacks and threats to their data will be highly complex and involve secret techniques. The truth is that almost all of the major data breaches could have been avoided with simple changes to policies & procedures.

