Game of Thrones fans who want to avoid spoilers are running for cover in light of last week’s HBO ransomware attack. End-user computing administrators should take notice and learn about security measures that can protect their employees’ data from similar attacks.
Hackers stole a variety of data in a ransomware attack, then released episode scripts, plus HBO employees’ phone numbers, emails and other personal information. This week, they threatened to dump further confidential data.
Typically a ransomware attack corrupts endpoints by taking advantage of Windows operating system vulnerabilities. Hackers encrypt stolen data so that users cannot access it and demand payment in exchange for decrypting the data.
Most often, the actual attack vectors are social engineering tactics, in which hackers trick users into clicking on links or opening email attachments that launch an attack that exploits the OS vulnerability. If a hack affects one device, it can spread through the rest of a corporate network. That’s why user education is the most important tool EUC admins have against a ransomware attack.
Organizations can hire security consultants to educate users, or adopt training software that continuously tests users to ensure they keep endpoint security top of mind. Third-party services can also send fake attacks to users, then report results back so IT can provide extra awareness training to employees who need it.
But security training isn’t always successful. Phishing attacks, for example, are becoming more advanced and can easily trick even the most discerning users. Technology such as email and web filtering tools can help, as well as endpoint and network monitoring suites. Or, organizations can require SSL client certificates that specifically authenticate the domain that a request for a user’s credentials come from.
“The underlying issue here is that any protection that relies on a human being making a reasonable decision is going to fail,” said Karla Burnett, security engineer at mobile payments provider Stripe, at last month’s Black Hat conference, SearchSecurity.com reported.
To make matters worse, ransomware attacks have increased dramatically in the past three years. They’re growing at a rate of 350% per year, according to Cisco’s 2017 Annual Cybersecurity Report. And about 40% of spam emails contained links to ransomware in 2016, up from just 1% in 2015, IBM said in a Cybersecurity Ventures research report.
As in the HBO hack, it’s not just corporate data on the line. Employee privacy is also at risk if users store personal information on their devices. IT departments should implement security and training tools to safeguard their organizations before the White Walkers — ahem, hackers — breach the wall.