Cybercriminals tend to keep with the times, as they often leverage current events as a way to harvest user data or spread malicious content. McAfee COVID-19 Threat Report July 2020 points to a rather significant surge in attacks exploiting the current pandemic with COVID-19 themed malicious apps, phishing campaigns, malware, and ransomware. However, what many users don’t realize is that ransomware attacks are a lot more than meets the eye.
COVID-19 Themed Ransomware
During the first few months of 2020, the McAfee Advanced Threat Research (ATR) team saw that cybercriminals were targeting manufacturing, law, and construction businesses. After pinpointing their targets, hackers spread COVID-19 themed ransomware campaigns to these companies in an effort to capitalize on their relevancy during this time.
An example of one of these attacks in action is Ransomware-GVZ. Ransomware-GVZ displays a ransom note demanding payment in return for decrypting the firm’s compromised systems and the personal and corporate data they contain. The ransomware then encrypts the organization’s files and displays a lock screen if a user attempts to reboot their device. As a result, the company is left with a severely crippled network while the criminals behind the attack gain a treasure trove of data – information belonging to consumers that have previously interacted with the business.
Ransomware Could Be the New Data Breach
As ransomware attacks continue to evolve, it’s not just file encryption that users need to be aware of – they also need to be aware of the impact the attack has on compromised data. Senior Principal Engineer and Lead Scientist Christiaan Beek stated, “No longer can we call these attacks just ransomware incidents. When actors have access to the network and steal the data prior to encrypting it, threatening to leak if you don’t pay, that is a data [infraction].” If a ransomware attack exploits an organization and their network is compromised, so is the data on that network. Hackers can steal this data before encrypting it and use this stolen information to conduct identity theft or spread other misfortune that can affect both the organization’s employees and their customers.
This surge in ransomware is only compounded by traditional data infringements – which have also spiked in conjunction with the global pandemic. According to the McAfee COVID-19 Threat Report July 2020, the number of reported incidents targeting the public sector, individuals, education, and manufacturing dramatically increased. In fact, McAfee Labs counted 458 publicly disclosed security incidents in the few months of 2020, with a 60% increase in attacks from Q4 2019 to Q1 2020 in the United States alone. Coincidentally, the attacks targeting organizations also impact the consumers who buy from them, as the company’s data consists of their customer’s personal and financial information.
Don’t Let Your Data Be Taken for Ransom
Because of the high volume of data that’s compromised by ransomware attacks, it’s crucial for consumers to shift how they approach these threats and respond in a similar way that they would a data incident. Luckily, there are actionable steps you can take as a consumer to help secure your data.
Change your credentials
If you discover that a data leak or a ransomware attack has compromised a company you’ve interacted with, err on the side of caution and change your passwords for all of your accounts. Taking extra precautions can help you avoid future attacks.
Take password protection seriously
When updating your credentials, you should always ensure that your password is strong and unique. Many users utilize the same password or variations of it across all their accounts. Therefore, be sure to diversify your passcodes to ensure hackers cannot obtain access to all your accounts at once, should one password be compromised. You can also employ a password manager to keep track of your credentials.
Enable two-factor or multi-factor authentication
Two or multi-factor authentication provides an extra layer of security, as it requires multiple forms of verification. This reduces the risk of successful impersonation by hackers.
If you are targeted, never pay the ransom
It’s possible that you could be targeted individually by a ransomware campaign. If this happens, don’t pay the ransom. Although you may feel that this is the only way to get your encrypted files back, there is no guarantee that the ransomware developers will send a decryption tool once they receive the payment. Paying the ransom also contributes to the development of more ransomware families, so it’s best to hold off on making any payments.
Use a comprehensive security solution
Adding an extra layer of security with a solution such as McAfee® Total Protection, which includes Ransom Guard, can help protect your devices from these cyberthreats.