Cayman Islands Government’s Cyber Security Office and RCIPS Digital Forensics Hub Issue Advisory on Phishing Emails
In recent days, the Cayman Islands Government’s Cyber Security Office and the RCIPS Digital Forensics Hub have seen an up-turn in Phishing Emails (often referred to as Scam or Fake Emails) being reported in our local jurisdiction. We have seen that these Phishing Emails are ‘crafted’ by the cyber attacker to look genuine and they often purport to be from a legitimate organisation.
Phishing Emails provide cyber attackers with an easy entry-point into an organisation’s computers and networks. They often contain file attachments or malicious HTML links, which could infect your computers and lead to the compromise of an entire computer network, if the link is clicked on or the attachment is opened by the recipient.
Phishing Emails are often the precursor to a more serious cyber incident, such as Cyber Ransomware attacks, which can be very disruptive to the business of the organisation, very expensive, and extremely time-consuming for an organisation to recover from.
The modus operandi for cyber criminals, is to gain the access to an organisation’s computer and network, often through a successful Phishing Email campaign, then to install malicious software, for the purpose of stealing, deleting or encrypting the organization’s data. Thereafter, the cyber attackers will attempt to ‘hold the organization to ransom’ by demanding a hefty payment (likely to be in cryptocurrency), with the promise to unlock your data, once they receive payment. The cyber attackers will often threaten to sell or release the data on the Dark Web, if the payment is not provided.
The Cayman Islands Government’s Cyber Security Office and RCIPS Digital Forensics Hub are advising businesses to ensure that their staff are aware of this increased threat level, so that they remain vigilant. Staff should be advised to report any suspicious activities to the internal IT Team immediately.
The following guidance and mitigation advice can help protect IT systems and infrastructure against these harmful, disruptive Cyber Attacks:
Organisations are encouraged to issue a notification to all of their staff to heighten awareness of Phishing Emails – specifically, to advise them to be extremely cautious if they receive an email from an unknown party or an unexpected email, the importance of not opening the attaching or clicking on the embedded links and whom to report to;
Email security solutions and secure configuration, should be implemented to quarantine Phishing Emails, malicious content and links;
Backup devices which are kept permanently online are also a target for ransomware by the cyber attackers. Businesses are encouraged to review their procedures and keep back-up data offline (when not in use) or in the cloud.
Cyber attackers will exploit vulnerabilities in everyday software to gain access to an organisation’s systems. Organisations are encouraged to adopt regularised protocols for applying security fixes and patches, without undue delay.
Endpoint Detect and Respond (EPDR) or traditional Anti-Virus software can assist in preventing some types of cyber-attacks. It is important to have such software deployed and kept updated on computers and servers.
Multi-Factor Authentication (also known as two factor authentication), provides for a more secure logon to computers and online services and should always be enabled, if it is an available feature
The Cayman Islands Government’s Cyber Security Office reminds the public to visit the website www.gov.ky/cybersafe for useful advice and guidance.
Businesses and members of the public are also encouraged to be alert to all forms of online scams and to report any suspicious activity to the RCIPS.