Holy Malware, Batman!
Where were you when news started spreading last week about the worldwide malware attack? I was providing a free LMS demo to a law firm in California when the news story pinged on my computer. Apparently, we all saw the news at about the same time because, after the demo (side note: they signed up for the SavvyAcademy LMS!), we started talking about law firm security.
According to the Washington Post article cited above, the “front door” to the giant malware attack was opened by a phishing scam.
“Cybersecurity experts said the malware arrived through “phishing” attacks in which recipients of emails were tricked into opening phony links. Once one computer in a system was infected, the malware spread to other machines on the same network. In some cases, the malware was delivered in spam emails.
“The ransomware spread so quickly because it was delivered by a special digital code developed by the NSA to move from one unpatched computer to another, security experts said. They warned that the malware now could move from large networks to individual users.”
Luckily, the firm I was talking to was already a Savvy client using KnowBe4 security awareness training, so they were feeling protected. (They immediately notified all employees to be suspicious of their inbox and, since everyone was trained to know what to look for, the law firm was essentially a safe zone from the malware attack.)
But there were a lot of companies across the globe that hadn’t trained their employees to be suspicious of their email inbox, and that’s how the bug spread.
Are you taking the necessary precautions today to protect your firm from the next cyberattack? Criminals are becoming more sophisticated every day, constantly seeking ways to hack your network. No matter how many firewalls you’ve built, your biggest threat will always be that giant open door into your firm called “Email.” You need to teach your employees to recognize suspicious email so that they can be your first line of defense, instead of your weakest link.
The KnowBe4 security awareness program was created by Kevin Mitnick, infamous hacker and now world-renowned security expert. The KnowBe4 platform starts with an education program that teaches your attorneys and staff how to recognize suspicious emails. Then, you can create simulated phishing emails that you send throughout your law firm. From the results, you know the types of emails that your employees need help recognizing as suspicious and the people who need extra training.
And you will get nearly instantaneous results. We have learned that people are less likely to click on a fake email after experiencing one simulation in which they fail. (That is, if they click on a fake phishing scam and discover that they were suckered, they are 20% less likely to do it again.) And that’s after just one simulation! Imagine if you had an ongoing phishing simulation/training program to help your employees keep their guard up!
As a partner with KnowBe4, I can help you create compelling, fake emails, push them out to your firm, track the people who are vulnerable, and educate everyone to be more astute when they click!
Here’s how it works:
- You become a KnowBe4 client
- Upload your users to the system
- Launch a baseline phishing test using any number of templates
- Using the results from that phishing test, launch targeted trainings to help your employees be more discerning clickers
- Every month or quarter, send out another phishing campaign
- Track improvements down to individual users over time
This system is updated continuously with new phishing templates that you can use to phish your law firm, learning who is vulnerable to scams and who needs training.
The KnowBe4 system is simple and yet incredibly effective in helping you build your first line of defense against cyber attackers who know that the weakest link in your law firm security system is your employees!
Were you worried about your employees clicking on last week’s global malware scam? Contact me for a free demo of KnowBe4 today!
Let’s hope next week’s big news is that the NSA also released classified documents detailing how to get elementary school boys to sit still at dinner…