Topic: A ransomware attack can begin in surprisingly simple ways
Ransomware can sneak into an organization by simple deception.
Often referred to as social engineering, hackers often look for cracks in the human shield at organizations.
This lets the attackers in the door, allowing them to gain higher “privileges” – or a higher level of security access – in a computer network; the key to carrying out a ransomware attack.
“Social engineering attacks can be executed to escalate privilege and gain more sensitive information and access over a series of attacks,” Alethe Denis, social engineering expert and consultant for Critical Insight, told Fox Business.
Most cyberattacks – about 70 percent – are related to email phishing, Denis said. Phishing emails – which appear to come from a trusted source – are a simple but effective form of social engineering.
A more sophisticated approach involves a “well-thought-out and formally planned attack that has one or more social engineering elements,” Denis said, adding that this kind of ransomware attack might, for example, target the oil and gas sector.
This approach may employ the gathering of seemingly innocuous information via a phone call, email or text message.
Topic Discussed: A ransomware attack can begin in surprisingly simple ways