Tag Archives: ransomware

The weakest link: how to change user behaviour with phishing awareness training

by Nick Ross

It is widely understood that human beings are the weakest link in the cybersecurity chain. So it should come as little surprise that in the vast majority of ransomware campaigns, cyber-criminals use social engineering techniques to exploit the individual. A majority of attacks start with a phishing email. For this reason, many organisations are looking for products and services to help mitigate this significant cyber-risk.  

In fact, it’s become such a thriving segment of the cybersecurity market that Gartner has created security awareness training magic quadrants to rank vendors and their products. So what do best practice staff training programmes look like?

Continue reading

How Trend Micro and partners are keeping customers safe from the Kaseya ransomware attack

One of the most audacious cyber-attacks of recent years was revealed last December, when state-backed hackers infected customers of an IT software company via a malicious update. That SolarWinds attack resulted in the compromise of at least nine US government departments. At the time Trend Micro warned that this was just the tip of the iceberg. Unfortunately, we were right. Now, potentially thousands of customers of another IT management software company, Kaseya, have experienced a similar fate.

While US intelligence agencies investigate, Trend Micro and its partners’ customers remain protected via multiple layers of defence. Here’s what happened and how we’re keeping these organisations safe.

Continue reading

How the UK’s education sector can tackle a new ransomware spike: Pt 3

by Jonathan Wharton-Street

The UK’s schools, further education colleges and universities are increasingly in the crosshairs of global threat actors. Why? Because they’re viewed as easy and potentially lucrative targets: with few resources to spend on cybersecurity, but at the same time under great pressure to keep classrooms open. Combined this with large volumes of sensitive personal and financial data and you have a perfect target for a ransomware group. 

In the previous two parts of this blog series, we explored the main threat vectors used by these groups, the potential impact of attacks, and recommendations from the National Cyber Security Centre (NCSC) on how to stay secure. 

Now it’s time to offer our own advice for education institutions, and show you how Trend Micro products can help.

Continue reading

How the UK’s education sector can tackle a new ransomware spike: Part I

by Jonathan Wharton-Street

Ransomware threats have been building for several years. With the barrier to entry lowered considerably thanks to “as-a-service” affiliate programmes, threat groups have thrived. Along with healthcare, the education sector was hard hit during the height of the pandemic, particularly in the UK. Unfortunately, the risks are no less acute in 2021: the National Cyber Security Centre (NCSC) has recently issued a new alert warning of a surge in attacks on schools, colleges and universities. 

From speaking with customers in the education sector, we understand that the lack of centralised visibility and management across hybrid environments and systems has put a strain on resource to manage the disparate systems / consoles by multiple vendors, but more importantly that this has created a risk of threats been missed or a delay in seeing them until too late. We also understand that 3rd party Research which brings in much needed revenue to Higher education customers, is an areas that most concerns them from the threat of ransomware.

In this first of a mini blog series on ransomware in the education sector, we take a look at the scale of the threat, and where resources should be best directed to mitigate it.

Continue reading