Are Your Employees Being Recruited to Attack Your Firm?

September 8, 2021

WHAT HAPPENED?

Cybersecurity criminals are utilizing unconventional methods to breach company networks through ransomware attacks, which may even be carried out through the company’s own employees. These scammers are offering a percentage of the ransom to employees who assist them with launching these attacks. For example, a recent campaign offered $1 million in bitcoin (40% of the presumed $2.5 million ransom) to any employee willing to deploy malware inside his or her employer’s network.

This new approach signifies a noticeable trend in cybersecurity. As employees are becoming cognizant of phishing emails, hackers are resorting to increasingly creative tactics. Ransomware was historically deployed through email attachments and links. More recently, cyber attacks have evolved to advanced techniques, such as obtaining direct network access through unsecure VPN accounts. These new approaches take advantage of gaps in security, employee training, or potentially disgruntled employees.

WHAT DOES THIS MEAN FOR ME?

Firms should implement the following to mitigate ransomware risk:

1. Access Management and Change Management: Adopt policies and procedures to restrict access rights only to the data necessary for the particular employee’s job function. Implement an approval process to govern any changes to pre-approved access rights. Limit access to your firm’s physical server and require management approval prior to making any changes. These practices reduce the firm’s risk profile by minimizing the amount of data that would be accessed in the event an employee’s account is breached.
2. Employee Training: Implement a strong cybersecurity training program and ensure employees understand how to spot phishing emails and the risk of communicating with cyber criminals. Often times, even if an employee acts based on a cyber criminal’s instructions, the ransom is never paid. Further, even if the employee is paid, forensic testing will be conducted to trace the origin of the ransomware, likely implicating the employee.
3. Employee Testing: Test your employees through deploying tailored phishing campaigns based on the latest threats. Testing reveals gaps in training and may also identify vulnerable employees.

As cybersecurity threats continue to evolve, so must your firm’s approach to mitigating your cybersecurity risk. Fairview Cyber can help your firm with essential cyber and data security services like phishing prevention training, network penetration testing, and drafting policies to govern data security, including access management and change management.