Cybercriminals are always in-the-know, as they often take advantage of world events as a way to gather user data or spread malicious content to their victims. As we all know, there has been a significant surge in threats that are exploiting the current pandemic with COVID-19 themed malicious content, malware, phishing campaigns, and ransomware.

COVID-19 Ransomware

During the first quarter of the year cybercriminals were targeting manufacturing, law, and construction businesses. After carefully pinpointing their targets to capture the most amount of victims, these cybercriminals spread COVID-19 themed ransomware campaigns to companies like these in an effort to capitalize on the world in disarray.

Ransomware – The New Data Breach

As ransomware evolves, it’s not just file encryption that users need to be worry about – they also need to be aware of the implications of compromised data. If a ransomware attack successfully exploits an organization for their money, their network has already been compromised. The same can be said for the data on that network. These hackers can gather the data before encrypting it for “ransom”  and use this stolen data in the future to also conduct identity theft or spread other malicious deeds that can affect both the organization’s employees and their customers.

Protect your data from ransom attacks

Because of the increasing volume of data that’s compromised by ransomware attacks every day, it’s crucial for all of us to adapt how we approach these threats, and respond in a similar way that they would a data incident. Luckily, there are steps you can take as a consumer to help secure your data.  

Change your credentials periodically.

If you discover that a data leak or a cyber attack has compromised a company you’ve interacted with, it is best to stay cautious and change your passwords for all of your related accounts. Taking extra precautions can help you avoid future attacks, in fact we advise to change your passwords whether or not there has been any compromised data from an institution you’re involved with. It’s better to be safe than sorry.

Take password protection seriously

When updating your credentials, you should always ensure that your password is strong and unique. Again, we have mentioned password managers in the past. They can help you with remembering long unique strings of passwords, and they can be even used to generate them as well. Many users have the same password or variations of it across all their online accounts. We strongly advise you diversify your passwords to ensure hackers cannot obtain access to all your accounts at once, should one password become compromised. 

Enable two-factor or multi-factor authentication

Two or multi-factor authentication provides an extra layer of security over your passwords, as it requires multiple forms of verification. This reduces the risk of compromised data and has proven to be a large blockade against the cybercriminal world.

If you are targeted, do not pay the ransom!

While unlikely, It’s possible that you could be targeted individually by a ransomware campaign. If this happens, we do not advise paying the ransom ever! You may feel that this is the only way to get your encrypted files back, but there is little to no guarantee that these criminals will send a decryption tool once they receive the payment. Paying the ransom also contributes to the funding of these criminals for further development of more ransomware as well, so it’s best to hold off on making any payments.