What Strategies Do Hackers Use To Deliver Ransomware?

Access to your nonprofit organization’s data is one of the best tools you can provide your employees and volunteers to further your mission, provided you’re not giving it away to unauthorized users. Ransomware is an increasing threat, and it’s infecting IT systems for both businesses and nonprofits.

Hackers are continually finding new types of ransomware and strategies to trick your users. When they do, they will encrypt your files so you can’t use them and demand a ransom payment to release them. (Some still won’t even after you pay.) Because of this, your employees and volunteers must know what to watch for.

6 Ways Ransomware Can Infect Your Nonprofit’s Computer Network:

1. Email Links and Attachments

One of the most common ways that nonprofits get infected with ransomware is via phishing emails. The criminal’s email campaign uses a spoofed email address to appear like a legitimate one and lure your users into downloading malware through an email attachment.

For example, an attacker may send an email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there’s a problem.

Your employees and volunteers should always be wary of unsolicited emails, even if the sender appears to be known. They should verify web addresses independently (e.g., contact your helpdesk or search the internet for the main website of the organization or topic mentioned in the email). It’s also essential not to forward infected emails. The best thing to do is to delete it and contact IT security.

2. Infected USB Drives

If an employee or volunteer in your nonprofit finds a USB drive that’s infected and plugs it into their computer, it can introduce a ransomware virus into their computer and your network. They should never use an unknown USB drive. Tell them to only use ones they know are safe.

3. Unpatched Software and Out-of-Date Operating Systems

Be sure to keep your software and operating systems up to date. Software developers release patches for new security threats. Make sure you install them right away. If you don’t, your IT system will be vulnerable to ransomware.

If possible, set your IT system to update automatically, this way you won’t miss critical updates. Your IT service company can look for security gaps in your system and limit vulnerabilities that hackers can exploit.

Replace all outdated software before the developers end support. For example, Microsoft announced they are stopping mainstream support for Windows 7. This is a popular operating system, so this creates concern for many. All support for Windows 7 will end on January 14, 2020.

This means that you won’t get bug fixes or security updates from Microsoft. Over time, the declining security and reliability of Windows 7 will make your computers vulnerable:

  • Your computers could be infected by malware;
  • Your antivirus won’t be updated;
  • Your online banking transaction protection may expire; and
  • Your financial data could be exposed to theft.

4. Infected Links in Skype and Other Messaging Apps.

There are versions of Skype malware that have been designed to steal sensitive data and distribute malicious content. It sends messages like, “Hey, check this video” or “This is a very nice photo of you.” If your users click on the link, the malware will be downloaded into their computers.

Messaging platforms, like Skype, can also introduce infected links via chat rooms. Make sure your users know not to open links from unknown senders.

5. Infected Websites

Malicious websites can deliver ransomware to your users’ computers. All they need to do is visit the website. These websites often look like legitimate websites. They might ask you to download software that you “need.” It only takes one installation, and your computer is infected with ransomware.

Drive-by downloads are very scary. This is when you simply browse a website or click on a pop-up window, and the ransomware is delivered to your computer. If your anti-virus software doesn’t detect it, your computer is compromised. Hackers design ransomware that’s difficult for anti-virus software to detect.

6. Infected Software and Documents

Your users should never download unknown software from the Internet. If they need to, they should consult with your IT security team. Files downloaded from the internet are at a higher risk of containing ransomware viruses.

It’s best to restrict your users’ permissions to install and run software applications and apply the principle of “least privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through a network.

Even Microsoft Office files can contain ransomware viruses. Remember the best practice of not opening attachments and files from sources you and your users don’t completely trust.

What Can You Do To Prevent Your Nonprofit From Being Infected With Ransomware?

Arrange For Security Awareness Training. Your staff can have a significant effect on your cybersecurity – either they know enough to keep your assets secure, or they don’t, and thus present a serious threat to your security.

Security awareness training helps your users know how to recognize and avoid being victimized by phishing emails and scam websites. They learn how to handle security incidents when they occur. If your employees and volunteers are informed about what to watch for, how to block attempts and where they can turn for help, this alone is worth the investment.

Remain vigilant and protect your nonprofit from ransomware; check into Security Awareness Training for your users.

If you found this article helpful, check out the others on our Blog.

The #1 Security Threat to Local Small Businesses

St. Louis IT Services For Nonprofits – Questions and Answers

What Are 3 Common Technology Worries For Nonprofit Organizations?