Cyber cops warn businesses of increased ‘ransom’ risk

(CNS): The Cayman Islands Government’s Cyber Security Office and the RCIPS Digital Forensics Hub are warning the business community of a recent increase in the amount of phishing and scam emails being reported in this jurisdiction. Officials said they are concerned that these cyber-attacks, which are crafted to look genuine and from legitimate organisations, could be a precursor to a more serious cybercrime, such as a ransomware attack on a local website.

In a press release Thursday, government officials and the cyber cops said businesses need to ensure that their staff are aware of this increased threat level so that they remain vigilant. Employees should be advised to report any suspicious activities to the internal IT Team immediately. Businesses and members of the public are also encouraged to be alert to all forms of online scams and to report any suspicious activity to the RCIPS.

Phishing emails provide cyber attackers with an easy entry point into an organisation’s computers and networks. They often contain file attachments or malicious HTML links, which could infect computers and compromise an entire computer network if the link is clicked on or the attachment is opened by the recipient. The campaigns are how cyber criminals gain access to an organisation’s network to install malicious software to steal, delete or encrypt its data.

The online invaders can then hold organisations to ransom by demanding a hefty payment, likely in cryptocurrency, with the promise to unlock the data once they receive payment. The cyber attackers will often threaten to sell or release the data on the dark web if payment is not provided.

Officials encouraged local organisations to issue a notification to all of their staff to heighten awareness of phishing emails. Staff need to be extremely cautious if they receive an email from an unknown party or an unexpected email, the importance of not opening the attachment or clicking on the embedded links and whom to report to.  

Email security solutions and secure configuration should be implemented to quarantine phishing emails, malicious content and links.

Backup devices that are kept permanently online are also a target for ransomware by cyber attackers. Businesses are encouraged to review their procedures and keep backup data offline when not in use or in the cloud.

Government officials said cyber attackers exploit vulnerabilities in everyday software to gain access to an organisation’s systems. Organisations are encouraged to adopt regularised protocols for applying security fixes and patches, without undue delay. Endpoint Detect and Respond (EPDR) or traditional Anti-Virus software can assist in preventing some types of cyber-attacks. It is important to have such software deployed and kept updated on computers and servers.

Multi-Factor Authentication, also known as two-factor authentication, provides a more secure login to computers and online services and should always be enabled if it is an available feature.

The Cayman Islands Government’s Cyber Security Office reminds the public to visit the website  www.gov.ky/cybersafe for useful advice and guidance.