New Ransomware Tactic: Direct Calls to You

As many cyber actors enter the cybersecurity landscape, ransomware hackers are constantly on the prowl for new ways to breach networks and gain access to sensitive information. The latest scheme is to call victims directly. 

Recently, a Dallas, TX school district was attacked, and parents were targeted with phone calls requesting sensitive information (reference). The threat was that, without immediate payment, all files, including information on said parent’s child, would be released to the dark market. The parent was contacted by both phone call and email. 

This attack follows a trend where hackers increasingly target everyday people whose information is stored on computers that are victims of a breach. Once hackers have the information on the individual from the larger network breach, they individually hassle them via phone and email until they pay up. 

In recent years, this attack also follows a growing trend where hackers ruthlessly target hospitals, schools, and even city governments. Despite nationwide efforts by the Biden administration to combat the cybersecurity crisis in the U.S., hackers were just about as successful in 2021 as they were in 2020.

What do we learn from this attack? 

Of course, attacks will continue to occur with alarming frequency across different industries and locations throughout the U.S. That said, a correct and timely response to such attacks is critical. In the case of the Dallas school district, the school district failed to notify parents of a potential attack; thus, parents were not prepared when they were individually targeted. By not properly communicating, the Dallas school district expanded the harmful effects of the attack unnecessarily, not to mention angering parents in the process.

In the event an attack occurs, three necessary steps must take place immediately: 

  1. Contact local authorities
  2. Contact your IT security team and develop an action plan
  3. Contact those individuals whose information was compromised

PK Tech is a managed IT services company that services the Greater Phoenix Area. If we can support the cybersecurity efforts at your company, reach out to us here.