Please see the below comment from cybersecurity expert in response to the news that a cyber criminal group has posted what it claims are documents stolen from Hackney Council in a ransomware attack.
<p>Although it\’s unclear how this particular group delivers its ransomware payload, it\’s likely that phishing has played a role. Figures from last year show that distributing ransomware attacks via email is quickly coming \"back into fashion\", while our own research found that <a href=\"https://urldefense.proofpoint.com/v2/url?u=http-3A__bit.ly_3mZ8lnx&d=DwMFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=4Md13W86ua7ez7eNU93XHnYag04EWEhi1WBBXQpnyzc&m=WBOLYFQsbUZWtLypDCOaiVIMvwmfTZPOkUyUFniqwJo&s=_KYDwREkOoBpEFl6nvb1gR3iCMFtnxuj-Mb-3WdQ88E&e=\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https://www.google.com/url?q=https://urldefense.proofpoint.com/v2/url?uhttp-3A__bit.ly_3mZ8lnxdDwMFaQceuGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMMr4Md13W86ua7ez7eNU93XHnYag04EWEhi1WBBXQpnyzcmWBOLYFQsbUZWtLypDCOaiVIMvwmfTZPOkUyUFniqwJos_KYDwREkOoBpEFl6nvb1gR3iCMFtnxuj-Mb-3WdQ88Ee&source=gmail&ust=1610444056414000&usg=AFQjCNH2uLabpBP4_GQJGpCuIWTTHuNroQ\">a third of IT leaders</a> have experienced a rise in ransomware delivered by phishing messages since companies started working fully remotely last year.</p> <p> </p> <p>As hackers continually look for ways to hack humans in order to hack organisations, businesses must find ways to secure their people, especially as they continue working remotely. Educating people will help but advanced attacks like this require advanced security solutions. Often, hackers will build trust with their targets over time, and across multiple emails, <em>before </em>sending the tell-tale malicious payload link or attachment. Solutions need to be in place to automatically detect this threat, and alert employees, at the very start of the email chain to avoid valuable data being stolen and extorted.</p>
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics