In March, 93 percent of all phishing emails studied contained ransomware designed to forcibly encrypt PCs, according to researchers at user-awareness firm PhishMe. And Jim Hansen, PhishMe's chief operating officer, says there's clearly even more money to be made from the ransomware racket, since cybercriminals always ask: "What's working? What's trending? What's making me money?"
But the big question for organizations is: What can they do about it? Awareness, for example, only goes so far. "My mom's aware of phishing attacks; my mom also clicks on links," Hansen says.
In this interview with Information Security Media Group at the Infosec Europe conference in London, Hansen discusses:
- Soft targeting: How criminals are focusing more ransomware attacks;
- Droppers: How ransomware is being spread;
- Evolution: The shift from CryptoWall to Locky;
- Strategies for defending against phishing, including "see something, say something" strategies.
Before joining PhishMe, Hansen held a variety of information security roles, including chief operating officer for Mandiant, vice president of sales and operations for Oakley Networks and director of computer forensics for Trident Data Systems. He has also served as a special agent in the U.S. Air Force Office of Special Investigations.