How Ransomware Gangs Use Your Employees Against You (and What to Do About It)

The COVID-19 pandemic brought an increase in cyberattacks—so much so that they have now been recognized as a serious global threat.

“Companies can expect daily ransomware attacks”. This incredible statement was made by Paul M. Nakasone, Commander, U.S. Cyber Command and Director, National Security Agency/Chief, Central Security Service.

The threat is so severe that US President Joe Biden has engaged international leadership, namely Russian President Vladimir Putin, in discourse about the growing number of cyberattacks. The hope is to create meaningful change that will decrease the frequency of these harmful viruses and stop destructive data breaches. It’s also very interesting to see that Russia and China were left out of the most recent global anti-ransomware meetings. It was a counter-ransomware event that included ministers from more than 30 countries. Apparently the snub was a consequence of Russia and China’s malicious cyber activities in the last few months.

Why is all of this relevant to your SMB?

The current state of commercial cybersecurity leaves many companies vulnerable to attacks not simply from single bad actors, but from what are known as “ransomware gangs.” These gangs work together to deploy high-level hacking technology that many businesses are simply ill-equipped to handle.

Ransomware Gangs Have Better Infrastructure than Most Companies

Ransomware gangs often operate through a sophisticated system of their own construction. These intricate systems can be constructed, demolished, and reconstructed several times throughout the year, with no interruption in attacks. Because of this, SMBs with limited anti-ransomware resources are vulnerable to continued data breaches, as they cannot keep up with the complex, ever-changing network through which ransomware gangs attack.

However, there is one consistency executives can address if they want to mitigate risk in their company: Disloyal employees are very often the main resource these harmful gangs use to deploy their ransomware.

Employees are a Powerful Ransomware Tool

“We have ransomware becoming very popular as an insider threat,” says Alex Artamonov, Technology Manager and Information Security Officer at Infinitely Virtual, “a lot of these groups try to recruit insiders.” The gangs “recruit” company employees by making contact and either bribing or blackmailing them. They may ask them to install ransomware in their company’s system in exchange for a reward such as cryptocurrency.

“Every time someone installs malware it’s either on purpose or “accidentally” on purpose,” Infinitely Virtual CEO Adam Stern notes. This common betrayal of company trust may not always come with nefarious intentions, but the result is still the same: Financial damages, loss of business, and tarnished reputations.

Limit Access and Encourage Loyalty in Employees

Small-to-medium business owners (SMBs) can mitigate the risks of insider threats by compartmentalizing and limiting employee access to just that which is necessary for their specific job.

A more long-term strategy is to create a more openly-communicative, transparent work environment in which employees feel comfortable to approach leadership should they be contacted by a ransomware gang. This may not eliminate all insider threats, but it could increase employee loyalty, which may diminish a ransomware gang’s power to recruit a member of your team.

Cybersecurity Must Go Beyond Employees

Ransomware gangs will seek to find a way to infiltrate businesses even without insider help. While enterprise-level companies may execute multi-layered strategies to thwart attacks, SMBs rarely have the resources necessary to sufficiently protect their business. In addition, many SMBs could benefit from reframing their perspective on what cybersecurity is and how it can work in their business.

“You have to look at cyber security not simply as a checklist,” says Stern, “but as a process of constantly evaluating where the gaps are and fixing them and testing them.” Buying a piece of anti-malware software isn’t enough. Instead, SMBs can find success by adopting an iterative cybersecurity process that is capable of identifying and shoring up points of vulnerability.

No Business Can Afford to Ignore Cybersecurity

Should SMBs choose to invest more time, money, and attention into their cybersecurity, they may avoid catastrophe. Those who place cybersecurity low on their list of priorities will likely find that they are the victim of a successful ransomware attack at some point in the future.

With attacks happening every day, it is imperative for SMBs who wish to maintain the health and integrity of their company to seek greater protection against these harmful viruses.

Infinitely Virtual is Your Partner in the Battle Against Cyberattacks

Cybersecurity is a serious threat, and we are serious about our solutions. Our multi-layered Enterprise Virtualization Environment (E.V.E.) comes with best-in-class data protection to provide you with secure virtual infrastructure you can count on. From 100% uptime to industry-leading intrusion detection technology, our solutions protect you—and those whom you serve. Contact a representative today to learn more about how our IaaS solutions can improve cybersecurity in your business.