Real-Life Monsters (and Ransomware)

PDF

In continued recognition of cybersecurity awareness month, Maynard’s Cybersecurity & Privacy Team brings you this week’s installment of terrifying tales of cyber scares.

Halloween had always been Cindy’s favorite holiday. She was the office manager at Happy Candy Corn Company, and the highlight of her October was planning the office Halloween party. She had big plans for this year – a costume contest, bobbing for apples, scary movies in the conference room - and one very special surprise- real-life monsters. Happy Candy Corn’s CFO, Mark, had hired some of his improv class buddies to dress up as monsters to provide some hair-raising fun at the office party. The week before the party, Cindy received the following email:

From: Happy Candy Corn CFO <HCCCFO456078[@]yahoo.com>

Greetings Cindy,

Please transmit payment to the vendors for the Hal0ween event using this link. Please hurry so that we do not lose the booking. I am unable to handle it because I am traveling.

Sincerely,

Mark

Perfect, Cindy thought, as she merrily clicked. Suddenly, a skull appeared. “Trick or treat,” her screen read, “you have 24 hours to pay us $5,000,000 in spookycoin or get ready for some real scares.” Suddenly, the party was the last thing on Cindy’s mind. The email wasn’t from Mark at all. It was a hacker who had infected her system with ransomware. Now she was locked out of all her files, and soon, too, was the whole company. What’s worse, the company’s backups were also encrypted, and without access to any of their existing orders, the company would be unable to fulfill all the outstanding candy orders – during the largest candy sales period of the year! EEEEEK!!!!!

Don’t be like Cindy. Here are some ways to mitigate the risk of ransomware attacks:

• Don’t click on web links in emails without careful scrutiny.
• Implement a program to train employees and other users on the risks of phishing emails and how to spot them.

• Verify the sender of any messages you receive before taking further action.
• Implement data backup and recovery plans that include airgapped and/or immutable backups.
• Deploy advanced endpoint protection, and ensure all operating systems and software is up-to-date.

If you have any questions about how to improve your organization's cyber resiliency, contact a member of Maynard’s Cybersecurity & Privacy Team.