Targeted Campaigns Against Smaller Companies
Adversaries are increasingly hitting smaller companies, which are used to receiving only generic spam, with highly targeted ransomware phishing emails, said Jonathan Couch, ThreatQuotient’s senior vice president of strategy and corporate development. Threat actors will research the employees at smaller businesses and the functions they serve and craft an email that gets them to click on a link or open an attachment.
Enterprise companies often have architecture and backups in place that allow them to resist ransom demands since adversaries are unable to hop from one network to the other and offline backups are maintained, according to Couch. Conversely, smaller organizations typically don’t have the backups and architecture in place to resist demands from ransomware gangs, Couch said.
Ransomware groups have found that they can slowly but surely bleed smaller businesses such as law firms out of millions of dollars if the only alternative is going out of business, he said. Threat actors have also moved to spear phishing small businesses since generic phishing emails have a 1 percent response rate while emails designed to look like they’re from a third-party vendor can get a 75 percent response rate.