Ransomware: The First Mistake Organizations Need to Avoid

Share post:

A mistake that many organizations must avoid, if they are hit by a ransomware attack, is to not let the attackers know that they have insurance.

The revelation by security researchers at Fox-IT shows that once attackers know that the victim has cyber insurance, negotiating a lower ransom becomes almost impossible.

The reason for this is that attackers exploit the existence of a cyber insurance to manipulate the victims in order to pay the demanded ransom amount. It is possible that attackers know about the cyber insurance of a company even without informing the victim.

This can be achieved once the attackers have gained access to the victim’s network prior to carrying out the attack. Therefore, organizations are warned not to store any document related to their cyber insurance on an accessible server.

The research examined over 700 negotiations between Ransomware attackers and Ransomware victims in an attempt to unravel the economy behind digital extortion.

If you are hit with a Ransomware attack, the researchers advise: “The first thing any company should teach their employees is not to open the ransom note and click on the link inside it… the timer starts to count when you click on the link. You can give yourself some valuable time by not doing this. Use this time to assess the impact of the ransomware infection.”

For more information read the original story in ZDNet.

SUBSCRIBE NOW

Related articles

Cyber Security Today, May 3, 2024 – North Korea exploits weak email DMARC settings, and the latest Verizon analysis of thousands of data breaches

This episode reports on warnings about threats from China, Russia and North Korea, the hack of Dropbox Sign's infrastructure

Hashtag Trending for World Password Day, Thursday, May 2nd, 2024

Security firm Okta warns of an unprecendented password stuffing attack that is piggybacking on regular user’s mobile and...

Google Chrome’s new post-quantum cryptography causes connection issues

The latest update to Google Chrome, version 124, which integrates a new quantum-resistant encryption mechanism, has led to...

UK legislation bans weak passwords

Starting Monday, the UK will enforce new laws banning the sale of devices with weak default passwords such...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways