The chaos created by the COVID-19 pandemic worked brilliantly for cybercriminals who targeted businesses and government agencies around the world. But guess which type of attack stood out? You guessed it. Ransomware.
Nearly 70 percent of companies fell victim to ransomware attacks in 2020. The fundamentals of ransomware remain the same — victims have to pay a ransom to cybercriminals in order to regain control of their data. However, the tactics have become more sophisticated, which often allows criminals to bypass the first line of defense.
As an MSP business owner, you need to protect your customer data from ransomware so your customers continue to do business with you and for them to have a business in the first place. But before you go into combat all guns blazing, you need to understand the types of ransomware attacks you’re up against.
Types of Ransomware Attacks During COVID-19
As the COVID-19 pandemic engulfed the planet, malware mercenaries exploited vulnerabilities exposed by rookie remote employees working on networks devoid of company firewalls and other safety measures.
Here are five types of ransomware attacks that gained hackers easy system access and a hefty payday.
Drive-by-download websites (aka fake websites) lured users into downloading malware onto their devices, giving hackers access to their systems. The tactic was as simple as it was effective since all the hackers had to do was buy web domains that included the words corona or COVID.
A spoof of the Italian Federation of Pharmacists website tricked users into downloading ransomware disguised as a dashboard displaying data on COVID-19.
2. Insider Threats
People from within your customer’s organization can spread ransomware as well. On one hand, your customers have to deal with rookie remote workers, and on the other, disgruntled former employees. Irrespective, both pose a danger to an organization’s precious data.
Shopify, the e-commerce giant, was breached by two rogue employees, affecting almost 200 ecommerce stores.
3. Disruptive Malware
The pandemic placed immense pressure on the healthcare system, leaving it no room to fight against security threats. Ransomware and DDoS attacks were targeted at hospitals and medical research centers to disrupt a system that was already hanging by a thread.
Hackers attacked a British research company that was preparing to conduct COVID-19 vaccine trials. Thousands of stolen credentials were made public because the research firm did not have the funds to pay the ransom.
4. Email-Based Attacks
Email-based attacks performed better during the pandemic as remote workers who were trying to juggle a flurry of activities were caught off guard by phishing emails.
Phishing emails under the name of the World Health Organization (WHO) were sent out on a large scale to trick people into clicking on malicious links.
5. Mobile Phishing
A whopping 57 percent of organizations have experienced a mobile phishing attack. It is an improved version of traditional phishing wherein a fake mobile application delivers malware.
Corona Live 1.1 is the malicious version of the legitimate Corona Live Android application that tracks Coronavirus cases. The hoax application targeted users looking to get the latest updates on the virus. Unfortunately, they were in for a surprise.
Unitrends MSP: The Right Way to Tackle Ransomware
Data is the lifeblood of your customers. Without it, they can’t operate. The best way to protect your customers from ransomware is by using a robust business continuity and disaster recovery (BCDR) solution to detect an attack before it causes any real damage.
Unitrends MSP is an enterprise-class BCDR solution made for today’s MSP. Ransomware Detection allows MSPs to monitor ransomware extensions. In case these extensions keep throwing up customer file names, or if large volumes of files are getting renamed mysteriously, you can flag customers alerting them of a likely ransomware attack. Moreover, machine learning and change rate monitoring increases your capacity to detect ransomware. Contact us today to get a demo of Unitrends MSP.