Friday, September 26, 2025

Locking the Gates: Defending Against Ransomware and Phishing

Introduction

Information security is essential for both individuals and organizations because modern life depends on connected systems that collect, process, and store personal and business data. As the CompTIA text explains, online activity exposes far more about us than face-to-face transactions: websites and apps can infer identity from browsing history, purchases, location, and contact data, making our information valuable to both companies and cybercriminals (CompTIA, 2022). This paper explains why systems are vulnerable, outlines the damage caused by ransomware and phishing, and proposes practical defenses grounded in industry guidance.

Why Information Security Matters

CompTIA’s overview of personally identifiable information (PII) distinguishes between direct identifiers (such as Social Security numbers, account credentials, or driver’s license numbers) and indirect attributes (such as ZIP code, job title, or browsing history) that, when combined, still reveal identity (CompTIA, 2022). Organizations must protect both categories while maintaining the availability of systems that deliver services to employees and customers. Breaches can result in operational downtime, regulatory exposure, and loss of trust, while individuals may face identity fraud, damaged credit, or financial loss.

Incident 1: Malware and Ransomware

Ransomware attackers typically gain entry through stolen or phished credentials, unpatched software, or exposed remote services. Weak identity controls and broad user permissions increase the impact once an attacker lands on a single machine. Common signs include encrypted files, unusual file extensions, ransom notes, disabled security tools, and disrupted backups. The damage can include stolen or inaccessible data, interrupted services, and reputational harm. Federal guidance highlights that many groups now exfiltrate data before encrypting systems and use extortion threats to pressure victims (Cybersecurity and Infrastructure Security Agency [CISA], 2025).

Recommendations for Ransomware

Strengthen identity: Adopt multi-factor authentication (MFA) so logins require more than just a password. Combining factors—something you know, have, and are—raises the bar for attackers and helps prevent credential compromises (CompTIA, 2022).

Prepare for recovery: Maintain offline or immutable backups and test restoration regularly so operations can continue even if primary systems are encrypted (CISA, 2025).

Reduce attack surfaces: Apply patches promptly and enforce least-privilege access to limit lateral movement.

Incident 2: Phishing and Smishing

Phishing campaigns use deceptive messages—via email or SMS (smishing)—to trick users into revealing credentials, approving fraudulent sign-in prompts, or visiting spoofed websites. Attackers often mimic legitimate communications using details such as names, departments, or recent activities. This aligns with the text’s discussion of how indirect PII can be combined to create persuasive profiles (CompTIA, 2022). Outcomes can range from single-account takeovers to business email compromise and large-scale breaches. Industry reporting confirms phishing remains one of the most common pathways to intrusions across sectors (Verizon, 2025).

Recommendations for Phishing

Promote awareness: Train users to verify sensitive requests through separate channels and encourage them to navigate directly to trusted sites instead of clicking links. CompTIA emphasizes that every employee plays a role in spotting suspicious messages (CompTIA, 2022).

Layer defenses: Deploy email and SMS filtering, domain protection, DNS/web filtering, and MFA to reduce the chance that a single click leads to compromise (Verizon, 2025; CISA, 2025).

Conclusion

Ransomware and phishing thrive when attackers exploit weak authentication, unpatched systems, over-privileged accounts, and rushed human decisions. CompTIA’s treatment of PII and authentication underscores the need to guard both the data and the identities that access it. Federal and industry guidance provide concrete strategies for resilience. Combining strong identity controls, tested backups, timely patching, least-privilege authorization, layered detection, and continuous user training is essential for protecting individuals and organizations in today’s data-driven environment (CompTIA, 2022; CISA, 2025; Verizon, 2025).

References

CompTIA. (2022). CertMaster Learn Tech+ [Course textbook]. CompTIA.

Cybersecurity and Infrastructure Security Agency. (2025). #StopRansomware guide. https://www.cisa.gov/stopransomware/ransomware-guide

Verizon. (2025). 2025 Data Breach Investigations Report (DBIR).
