On July 23, 2020, a ransomware infection struck Garmin, the electronics company that produces fitness trackers, GPS traffic navigation systems and aircraft avionics and information systems. The malware locked up its fitness tracking services and customer service systems, as well as flight information services used by many private and commercial pilots for planning their flights.
The outages caused by the Garmin ransomware infection illustrate the extent to which a business’s operations can be affected, resulting in loss of revenues, as well as impacting the organization’s reputation for reliability and even safety. The company’s stock price dropped by 8% in one day, and the ransom demanded in bitcoin currency reportedly could have been as much as $10 million.
Truly evil things can happen when attackers can find a path to operational systems through employees
The attack was traced to a well-known hacker group with the nickname EvilCorp, which is connected to two Russian men who have been identified and are wanted by the US government.
This is a prime example of a business whose profitability is highly dependent on the availability of its information systems to deliver services. When a ransomware attack is able to impact such a wide range of its operations, this shows that there are vulnerabilities in the security of its networks. It also indicates that there is likely to be an apparent path for spear-phishing attacks that originate outside the organization to target employees and gain a foothold in that network.
Quite often, a ransomware attack begins with social engineering and spear-phishing attacks that use information gathered about the organization and people. Team members need to recognize not only that they can be a target for such attacks, but what a social engineering operation and spear-phishig attack on their business processes would look like to them, as employees.
Employees need to know what a real attack on them will look like
Designing a security awareness program with social engineering training that is tailored to your business processes, and is relevant to employees is becoming more important in preventing highly damaging outages. The use of gamified cyber security awareness training courses, such as those that can be created using Click Armor’s Active Awareness platform, may be the fasted and most cost effective way to address human vulnerabilities in your business.
