SEVEN COMMON
WAYS RANSOMWARE
CAN INFECT YOUR
ORGANISATION
The answer to ransomware lies in prevention rather than cure.
Tamer Odeh, Regional Director at SentinelOne in the Middle
East, explains how malware commonly infects devices.
nderstanding how
U
ransomware infects a
device and spreads
across a network is
crucial to ensuring
that your organisation
does not become the next victim of an
attack. As recent trends have shown, the
danger of losing access to your data,
devices and services is compounded
by threat actors that are now exfiltrating
data and threatening to leak it on public
sites if victims don’t pay up. Ransomware
operators have become wise to the
threat to their business model from
their own success: increased public
attention of the ransomware threat has
pushed (at least some) businesses to
invest in backup and recovery. But those
techniques become redundant when
the perpetrators are holding your most
sensitive customer and corporate data
over your head.
Post infection, ransomware can spread
to other machines or encrypt shared
filers in the organisation’s network.
In some cases, it can spread across
organisational boundaries to infect
supply chains, customers and other
organisations and indeed, some malware
campaigns have specifically targeted
MSPs. The real answer to ransomware
lies in prevention rather than cure. So
just how does this devastating malware
commonly infect devices?
1. Breaches through phishing
and social engineering
Still the most common method for
hackers to initially infect an endpoint
with ransomware is through phishing
emails. Increasingly targeted,
personalised and specific information
is used to craft emails to gain trust
and trick potential victims into opening
Tamer Odeh, Regional Director at
SentinelOne in the Middle East
The real answer to
ransomware lies in
prevention rather
than cure.
attachments or clicking on links to
download malicious PDF and other
document files. These can look
indistinguishable to normal files and
attackers may take advantage of a
default Windows configuration that
hides the file’s true extension. For
example, an attachment may appear to
be called ‘filename.pdf’, but revealing
the full extension shows it to be an
executable, ‘filename.pdf.exe’.
74 Issue 29 | www.intelligentciso.com