Jacky Fox
Last night, Twitter was subjected to a massive security breach as many of its verified ‘blue-tick’ accounts tweeted a phishing message about the donation of bitcoins.
While the Covid-19 pandemic is first and foremost a health and humanitarian crisis, there’s a massive business impact which is challenging our cybersecurity world. The shift to remote working creates an attractive proposition for threat actors to step up social engineering campaigns and ransomware. Doxware usually asks for a relatively low ‘fee’ for the destruction of the mythical footage so that the victim is more likely to pay. Ransomware is sometimes targeted at an individual or organisation, but more often it is random and is contracted by an individual being phished, clicking a link in an email or visiting an infected website.
However, the criminals do recognise that if they don’t keep to their end of the transaction they will become ‘disreputable’ and people will never pay. Law enforcement bodies and organisations such as No More Ransom advise that you should not pay the ransom. Nevertheless, we do sometimes see organisations quietly paying.
Whether you decide to pay or not, you will need to wipe and reset infected systems and try to establish whether you have had a data breach. At this point, you might well ask: why did your antivirus software not detect and block the attack?