Ransomware Attacks: What They Are & How to Prepare Your Employees Against them

Longtime SecurityAdvisor partner Palo Alto Networks (PAN) recently unveiled highlights from its 2021 Unit 42 Ransomware Threat Report that reveal exciting insights into the top variants, payment trends, and security best practices.

Despite its recent popularity amongst cybercriminals, ransomware attacks are pretty old. The first documented ransomware attacks targeted the healthcare industry in 1989. The concept is simple, malicious software gains access to files or systems and encrypts critical data to prevent users from accessing the information. Cybercriminals demand a specific of money from the business – PAN found the average request grew to $312,000+ in 2020 – and threaten to delete or publicly share the data, depending on the sensitivity of the information.


Ransomware’s simplicity is also why it’s so pervasive. Consider this: 1 in 5 Americans were the victim of ransomware in 2019. However, researchers have discovered that cybercriminals are not content with traditional attack vectors and are experimenting with novel attack vectors. Cheap ransomware-as-a-service options are increasingly available on the Dark Web, while IBM found that 59% of incidents can be categorized as “double-extortion” ransomware attacks. Cybercriminals use double-extortion attacks to bypass corporate backup defenses by stealing critical data first and then encrypting it.

Ransomware attacks are both inexpensive and simple to carry out, security leaders must strengthen the human element of their security posture in order to protect their critical data. While technical safeguards such as endpoint protection, micro-segmentation, and phishing protection can help prevent ransomware from spreading, the majority of cybercriminals steal credentials directly from employees. Enterprises that provide employees with SecurityAdvisor’s personalized coaching can flag risky behaviors that lead to ransomware breaches in real-time. Capitalizing on these ‘teachable moments’ is the only way to influence user behavior positively.


The beauty of personalized coaching is that it allows security leaders to identify high-risk users within their organization. Businesses can track the number of times a person engages in an action that triggers these security microlessons and measures progress over time. CISOs can design security awareness initiatives that address specific behaviors their workforce is struggling with to significantly reduce the risk of ransomware infections through targeted engagement with high-risk users.

To protect themselves from ransomware, security leaders must have transparency into their employeess' actions when faced with an attack. Phishing simulations only measure one source of malware, and simulated campaigns may not always reflect the real-world tactics of malware threats. Measuring employees’ resilience against real-life malware is the only way to gain a sense of their aptitude in preventing data breaches. Try SecurityAdvisor’s disruptive awareness coaching today.


Learn how SecurityAdvisor can help your team

Schedule some time to talk with one of our experts and they will show you how we can help your organization.

Schedule a Demo