Don’t Pay the Ransom: A Three-Step Guide to Ransomware Protection


Compared to the straightforward WannaCry-style “compromise and encrypt” attacks of a few years ago, attackers are now taking a more sophisticated multi-vector approach. Attacks still often start with a spear-phishing email, but today’s ransomware attacks aren’t triggered immediately when the target clicks the malicious link.

Instead, cybercriminals use this step to steal the credentials of the victim. The credentials are then used to access the organization’s network and lurk there, evaluating assets, servers, databases, and the email platform. This surveillance can last for weeks or even months before they unleash their attack. This is exactly what happened in the ransomware attack against the Irish health service body, the HSE. The attackers claim they spent weeks inside the HSE’s network before launching the attack that encrypted and stole 700GB of patient data.

Please fill this form below to download the Whitepaper