(CMR) Recently, the Cayman Islands Government's Cyber Security Office and the RCIPS Digital Forensics Hub have seen an upturn in Phishing Emails (often referred to as Scam or Fake Emails) being reported in our local jurisdiction.
“We have seen that these Phishing Emails are ‘crafted' by the cyber attacker to look genuine, and they often purport to be from a legitimate organization,” the RCIPS warned.
Phishing Emails provide cyber attackers with an easy entry point into an organization's computers and networks. They often contain file attachments or malicious HTML links, which could infect your computers and compromise an entire computer network if the link is clicked on or the recipient opens the attachment.
Phishing Emails are often the precursor to a more serious cyber incident, such as Cyber Ransomware attacks, which can be very disruptive to the organization's business, very expensive, and highly time-consuming for an organization to recover from.
The modus operandi for cyber criminals is to gain access to an organization's computer and network, often through a successful Phishing Email campaign, then to install malicious software for stealing, deleting, or encrypting the organization's data. After that, the cyber attackers will attempt to ‘hold the organization to ransom' by demanding a hefty payment (likely in cryptocurrency), with the promise to unlock your data once they receive payment. The cyber attackers will often threaten to sell or release the information on the Dark Web if payment is not provided.
The Cayman Islands Government's Cyber Security Office and RCIPS Digital Forensics Hub are advising businesses to ensure that their staff are aware of this increased threat level so that they remain vigilant. Staff should be notified to report any suspicious activities to the internal IT Team immediately.
The following guidance and mitigation advice can help protect IT systems and infrastructure against these harmful, disruptive Cyber Attacks:
Organizations are encouraged to issue a notification to all of their staff to heighten awareness of Phishing Emails, specifically to advise them to be extremely cautious if they receive an email from an unknown party or an unexpected email, the importance of not opening the attaching or clicking on the embedded links and whom to report to;
Email security solutions and secure configuration should be implemented to quarantine Phishing Emails, malicious content, and links;
Backup devices kept permanently online are also a target for ransomware by cyber attackers. Businesses are encouraged to review their procedures and keep backup data offline (when not in use) or in the cloud.
Cyber attackers will exploit vulnerabilities in everyday software to gain access to an organization's systems. Organizations are encouraged to adopt regularised protocols for applying security fixes and patches without delay.
Endpoint Detect and Respond (EPDR) or traditional Anti-Virus software can assist in preventing some types of cyber-attacks. It is essential to have such software deployed and kept updated on computers and servers.
Multi-Factor Authentication (also known as two-factor authentication) provides for more secure logon to computers and online services and should always be enabled if it is an available feature.
The Cayman Islands Government's Cyber Security Office reminds the public to visit www.gov.ky/cybersafe for useful advice and guidance.
Businesses and members of the public are also encouraged to be alert to all forms of online scams and to report any suspicious activity to the RCIPS.