Here’s what we can do to reduce the risk of a ransomware attack
A ransomware attempt on Tesla, confirmed by Elon Musk, which ended with the Russian perpetrator being arrested by the FBI after a company employee rejected his million-dollar offer to help hack into the company’s computer systems, highlights the increasing level of professionalism of the crooks dedicated to this aspect of cybercrime: a carefully planned attack using social engineering — trying to obtain the collaboration of a fellow Russian employee by using another person of the same nationality — and directed at one of the world’s best-known companies of the moment.
The early ransomware scenarios typically involved spam messages sent en masse to try to catch out unwary people who, when they opened the file and clicked on it, installed a virus that allowed the encryption scheme to be set up. It was, so to speak, like throwing seeds into the wind to see if any would fall on fertile ground, and there were usually small profits to be made from individuals who did not want to lose their data. The idea was to gain “a lot of little”, with a very moderate effort and fairly low exposure.
The second scenario, which we have been seeing for some time now, has nothing to do with the previous one. This is highly organized crime focused on businesses: any company is susceptible to this type of attack, although well-known…
