As of the end of Q2, 93% of all phishing emails hitting inboxes contained some sort of encryption to extract privileged information. That number is up 53% from the fiscal year that ended in December 2015, according to a report released today by PhishMe.
Ransomware tools are easier than ever to access and can be sent to your inbox in the blink of an eye. Some varieties of ransomware, such as Locky and TeslaCrypt, have seen considerable growth, but recently PhishMe is reporting increased popularity in “soft target” messages that reach users through unpatched servers, directly targeting businesses and organizations. One of the more notable victims, MedStar Health, experienced its very own malicious attack and came extremely close to forfeiting over $18,000 USD to restore its entire network.
These phishing messages go unnoticed because of how generic they appear in your inbox; they do not target a particular job title or industry. One of the more popular emails contains an attached resume and a salutation, just like a message from any other hopeful candidate, and even billing and shipment information for a fake purchase.
Who is the Target?
With so many ways our devices can be vulnerable, end users are the most heavily targeted, and the ways they can be reached digitally are endless. End users who aren’t technically inclined to learn about potential threats put your business’s daily operations at risk. With just a simple exchange of sensitive data on an unsecured network, system downtime becomes an increasingly real consequence.
Ransomware is perhaps a threat that could cost lives: cyber-attacks on emergency services can handcuff medical centers such as MedStar Health, where a network of 10 hospitals was seized in an outbreak, all from opening just one web application. Avoiding questionable websites and upgrading your firewall will help keep you guarded against the latest threats.
The targeted healthcare hack represents a new trend that reaches users through a different sequence of events. Rather than the virus being downloaded through an inbox attachment disguised as a job seeker’s message, some unpatched versions of applications distributed by Red Hat JBoss have been known to be affected, crippling environments.