Ransomware attacks are no longer just about systems and data – more often now, the pressure is aimed directly at people, say Katie Barnett, Director of Cyber Security, and Gavin Wilson, Director of Physical Security and Risk, at the London-based consultancy, Toro Solutions. They say: “We’re seeing more incidents where criminals target executives, finance teams, IT staff and anyone involved in handling the response or ransom negotiations.
“What makes these threats more concerning is how much information attackers already have before they make contact. Home addresses, phone numbers, family details, routines and social media activity are all being used to intimidate individuals and put pressure on organisations to make decisions quickly.
“It also changes how organisations need to respond. This is no longer just an IT issue happening behind the scenes. Organisations need to think about how they support staff if threatening contact is made, whether employees know how to escalate concerns and how cyber, physical security, HR and legal teams work together during an incident.
“A lot of organisations have cyber response plans, but fewer have actually tested what happens if an employee receives threats at home or is personally targeted during an incident. Those scenarios should be part of tabletop exercises and involve more than just IT teams. Physical security, HR, legal and leadership all need to be part of the response.
“It’s also worth reviewing how much information about employees is publicly available online. Attackers are piecing together details from LinkedIn profiles, company websites, conference appearances and social media to make threats feel more personal and credible. The less information that’s out there about key individuals, their routines and their families, the harder it is for criminals to use intimidation effectively. Cyber and physical security are now overlapping far more than many organisations realise and businesses need to start treating them as part of the same conversation.”
CIOs surveyed
Logicalis, in its CIO Report, a survey of 1,000 chief information officers (CIOs) globally, found that most organisations (77 per cent) experienced a cybersecurity incident in the past year, and that security teams, already under sustained pressure before AI, are now struggling to keep pace. About a third report reduced ability to detect breaches, a similar number (34pc) cite increased blind spots, and 41pc say incident response times have worsened. As a result, 68pc have raised budgets for post-breach remediation and ransom payments in preparation for incidents that increasingly feel inevitable. Despite the opportunities presented by AI, just under half say they often wish AI had not been invented. Visit https://www.logicalis.com/cio-report.
Guidance
Ransomware is defined as a type of malware that prevents you from accessing your computer (or the data that is stored on it). For guidance on what to do if affected by malware, visit the official UK NCSC website.
Attachments
As the vendor Barracuda says in its email threats report, malicious attachments deliver harmful code such as ransomware, spyware or other malware, often cleverly disguised as routine business documents such as payment invoices, software updates or ‘urgent’ security notifications, leading to data loss, financial damage or system compromise. One click can trigger.





