ALERT: New Ransomware Strain Targeting Very Specific Users
A new strain of Ransomware called "Defray" is spreading it's way around. This is different in how it is being targeted and distributed. The distribution of Defray has several notable characteristics:
•Defray is currently being spread via Microsoft Word document attachments in email
•The campaigns are as small as several messages each
•The lures are custom crafted to appeal to the intended set of potential victims
•The recipients are individuals or distribution lists, e.g., group@ and websupport@
•Geographic targeting is in the UK and US
•Vertical targeting varies by campaign and is narrow and selective
What can you do?
- Educated your staff reminding them to be vigilant in managing their email
- Continue to keep email systems such as gmail.com, Hotmail.com, yahoo.com etc blocked from within your corporate networks
- Utilize information security awareness tools that provide training, and tracking of training, as well as simulated phishing and other social engineering to ensure your staff is prepared, educated and aware.
- Instruct your staff to never open emails that seem suspicious, or that contain email attachments when not expected.
- Educate your staff to look at the "From" send field to ensure that emails and the addresses are from accurate domains.
- Ensure that your firewall has IDS and IPS protections, as well as ongoing monitoring and alerting
- Take action to start moving your desktops and servers to machine learning enabled endpoint detection and next generation antivirus systems
For more information from The IT Company about Information Security Awareness training systems, IDS/IPS Monitoring and Alerting and endpoint detection and next generation antivirus systems contact our team at 865-392-9200.
For more information we have linked some articles for your reading pleasure: