In an all too familiar scenario—a business email compromise scheme—a malicious actor poses as a top-level executive and directs an employee via email to wire money. The alleged purpose of the wire could be to pay a vendor or to consummate an important deal. Deceived by the imposter, the employee complies and wires the money as requested. Soon thereafter, the funds disappear, and the business is left bereft of funds and scrambling for solutions.
In another tragically common scenario—the “pay us or else” ransomware attack—a threat actor surreptitiously enters a business’s computer system posing as an authorized user, installs its own code on the system (i.e., swaps out the locks for its own and to which only it has the keys), and then locks the system. The threat actor then reveals itself and delivers its message: “pay us or else.” Even if the business were to pay, which is not recommended, the company’s data may be corrupted or the threat actor may remain in the company’s systems.