Louisa Vogelenzang Discusses the Rise in Ransomware Attacks with Ausbiz TV Webcast Replay

or to bookmark this page

Click here to bookmark this page

Click here to remove bookmark

In an interview with Australian Business (Ausbiz) TV, Louisa Vogelenzang, Associate Managing Director in the Identity Theft and Breach Notification (ITBN) practice of Kroll, a division of Duff & Phelps, discussed the unexpected 150% increase in ransomware attacks from January to June this year.

During her interview, Louisa highlights how ransomware attacks and techniques have evolved and the impact of work-from-home arrangements on business security. She also shares valuable insights for employees and organizations to safeguard themselves from these attacks. Louisa emphasizes the need to create a robust response plan that is practiced and updated regularly, the need to educate employees on how to spot and report suspicious activities and train employees to follow basic cyber guidelines to protect themselves.

2020-09-09T00:00:00.0000000 /en/insights/webcasts-and-videos/louisa-vogelenzang-discusses-rise-in-ransomware-attacks webcast {E39587AD-8F0B-4FE2-865F-969BC5501096} {CE589BFE-43ED-4214-8CBC-A96989570B0F} {E538E14D-C192-4A8E-8861-504D0EEBF99A} {4D975B32-83A6-485A-843E-2131B17303F0} {EF1B7ABE-2357-44B0-BBE4-F8D4CDA62BAC}

Key points covered in the interview: 

  • The rise of ransomware attacks in Australia 
  • How ransomware attacks have evolved
  • Best practices for employees and organizations to improve cyber security posture

Notable Passages from the Presentation 

The Rise of Ransomware Attacks in Australia

“Well, the recent notifiable data breaches report from the OAIC report a 150% increase in the number of ransomware attacks between January and June of this year, compared to the previous six months. From more than the steps that businesses can take to better prepare themselves. 

How Ransomware Attacks Have Evolved

“So, I think it's a general trend that we've been seeing over time anyway, and in particular we've seen the threat actors more recently behind ransomware changing and evolving their techniques a little bit. So when previously they might have tried to encourage an employee to click on a phishing link to download that ransomware. They're now directly breaking into systems and networks, and they are looking for the optimum place to place that ransomware. And while they're there, they're looking for sensitive data, information, IP that they can take a copy of while they're there, and use that to further extort the organization by threatening to release that data.” – Louisa  Vogelenzang

Yeah, so I think there's been a few key trends that we've seen from the work from home move. Firstly, of course, organizations had to scramble to enable their employees to work from home. So in some cases that meant they didn't have enough corporate devices to give those employees. So they had to connect to using a personal device and that could have introduced vulnerabilities into a network. And then they've had to open up their networks more broadly. And, with that, even if they were using something like a VPN to encrypt that data flow, if it's not patching up to date, there's some vulnerabilities there. And also maybe if they haven't turned on multifactorial authentication, so that's username password and then a code that sent to your phone. If that's not turned on, then that's also introducing vulnerabilities to things like Cloud email.

Best Practices for Employees and Organizations to Improve Cyber Security Posture

“I think the first thing any business should do is understand that it's not a matter of if, but when, a cyber-attack is going to happen at some point. So the most important thing you can do is plan for that. So it's having a really robust incident response plan that is practiced and updated regularly. And that also includes specific scenarios like ransomware, like data breaches as well. So you know exactly what you're going to do when that attack occurs. Secondly, enabling employees to be educated in how to spot something suspicious going on within your networks and having the right communications flow so they can report those things that they see. And then last but not least some basic cyber hygiene. So things like enforcing really strong password policies, having multifactor authentication turned on, making sure you're patching and last but not least having those viable backups.” – Louisa  Vogelenzang

Other Areas We Can Help

Cyber Risk

Cyber Risk

Global, end-to-end cyber risk solutions.

Cyber Risk
Canadian Data Breach | Cyber Risk | Kroll

Cyber Risk Assessments

Delivering actionable recommendations using the best technology and expertise available.

Cyber Risk Assessments



Initial Access Brokers: Fueling the Ransomware Threat  - The Monitor, Issue 17


The Importance of Jurisdictional Risk When Doing Business with Money Services Businesses


Data Exfiltration in Ransomware Attacks: Digital Forensics Primer for Lawyers