A great way to kick off a phishing awareness training course is to ask, “How do you get ransomware?” The majority of trainees will be aware that ransomware attacks can be launched by clicking on a malicious URL or opening an infected email attachment. Conscious of the recent WannaCry attack, some may be aware of the importance of keeping software up to date. Other attack vectors are far less familiar—drive-by downloads, malvertising and “found” USB drives, for example.

Depending on trainees´ responses to “How do you get ransomware?” you may be pleasantly surprised or very concerned. At least by asking the question (and ignoring the inevitable smart Alec who answers, “You get ransomware from the Dark Web”), you gauge your employees´ susceptibility to online threats and the preliminary measures you’ll need to take to raise phishing awareness.

After Asking the Question “How do you get Ransomware?” …

After asking “How do you get ransomware?” the next question should concern how to identify suspicious links and attachments, and how to report those suspicions. In most scenarios, the answers to the first half of the question will be textbook; but the second half, how to report suspicious links and attachments, often draws blank faces. This might reveal a major problem with your company´s online security, especially when a link has been clicked or an attachment opened.

All employees need to know the reporting procedure and the importance of swiftly reporting a clicked link or opened attachment. Only by quickly alerting the IT security team to the possible risk of an infection can a threat be well contained and the potential damage limited. Furthermore, employees must know that even if a computer has been locked by ransomware, swift action can prevent the infection spreading to the rest of the network or stop secondary malware from being dropped.

Measures a Company Can Take to Protect against Ransomware

In many areas of life, knowing something and applying that knowledge don’t always follow hand in hand. Although your employees may know “How do you get ransomware?” and even how to report  suspicions, companies should implement measures to protect themselves against ransomware and its consequences. These measures may vary, but generally include:

  • Take frequent back-ups, so if data is encrypted by ransomware, there is a recent restore point.
  • Install a program that will check for and install software updates.
  • Virus scan all external drives and mobile devices connected to the network.
  • Maintain an ongoing program of phishing awareness and keep asking the question “How do you get ransomware?”

Maintain an Ongoing Program of Phishing Awareness with Cofense

Cofense is the leading provider of phishing threat management solutions. We determine employees´ susceptibility to online threats by using simulation exercises. These activities show how much employees know about “How do you get ransomware?” It also conditions them to be up to 95% less susceptible to phishing attacks. Our phishing threat management solutions are used by more than 1,000 companies worldwide, including half of all Fortune 100 companies.

Besides simulation exercises to raise awareness and reduce susceptibility, Cofense lets employees report suspicious emails with the click of a mouse. We offer an incident response platform that prioritizes investigations for IT security teams, based on the results of the simulated phishing exercises. Cofense also offers an intelligence feed of known threats, to eliminate false positives and save time identifying and responding to genuine threats.

To learn more about protecting your business, your data and employees from ransomware, contact us for a free Cofense demonstration. Our team will guide you through our solution so you can  better understand “How do you get ransomware?” and how to protect against it.