Ransomware Attacks: What it is and How to Prepare Your Employees Against them Blog


Longtime SecurityAdvisor partner Palo Alto Networks (PAN) recently unveiled highlights from its 2021 Unit 42 Ransomware Threat Report that reveal exciting insights into the top variants, payment trends, and security best practices.

Despite its recent popularity amongst cybercriminals, ransomware attacks are pretty old. The first document ransomware attacks targeted the healthcare industry in 1989. The concept is simple: malicious software gains access to files or systems and encrypts critical data to prevent users from accessing the information. The cybercriminals request a set amount of money from the business – PAN found the average request grew to $312,000+ in 2020 – and threaten to either delete the data or share it publicly, depending on the sensitivity of the information.


Ransomware’s simplicity is also why it’s so pervasive. Consider this: 1 in 5 Americans was the victim of ransomware in 2019. Researchers, however, have found cybercriminals aren’t resting on their laurels and are adopting new spins on the attack vector. Cheap ransomware-as-a-service options are increasingly available on the Dark Web, while IBM found that 59% of incidents can be categorized as “double-extortion” ransomware attacks. Double-extortion attacks refer to cybercriminals exfiltrating critical data before encrypting it to bypass corporate backup defenses.

Ransomware attacks are both cheap and easy to execute, so security leaders must fortify the human element of their security posture to protect their critical data. While there are technical safeguards that can prevent ransomware from spreading, including endpoint protection, microsegmentation, and phishing protection, the majority of cybercriminals steal credentials directly from employees. Enterprises that provide employees with SecurityAdvisor’s personalized coaching can flag risky behaviors that lead to ransomware breaches in real-time. Capitalizing on these ‘teachable moments’ is the only way to influence user behavior positively.


The beauty of personalized coaching is that it allows security leaders to identify high-risk users within their organization. Businesses can keep track of the number of times a person engages in an action that triggers these security microlessons and measure their progress over time. Through targeted engagement with high-risk users, CISOs can design security awareness initiatives that address specific behaviors their workforce is struggling with to reduce the risk of ransomware infections significantly.

To protect themselves from ransomware, security leaders must have transparency into their employees’ actions when faced with an attack. Phishing simulations only measure one source of malware, and simulated campaigns may not always reflect the real-world tactics of malware threats. Measuring employees’ resilience against real-life malware is the only way to gain a sense for their aptitude in preventing data breaches. Try SecurityAdvisor’s disruptive awareness coaching today.

Learn how SecurityAdvisor can help your team

Schedule some time to talk with one of our experts and they will show you how we can help your organization.

Get a demo Today