According to Chief Security Officer magazine, ransomware makers often target HR, since it is one of the most vulnerable avenues for such attacks. The magazine added that the attackers prefer to use the ransomware called Petya, which, unlike other types of ransomware, encrypts the entire hard drive and not just standalone files.
Typically, an attacker emails a fake CV as an attachment. The attachment contains ransomware that, once opened, can lock down an entire company database and demand payment. The attackers usually demand Bitcoin, since that form of payment is anonymous, making it hard to trace.
Part of the reason hackers have been so successful at this is that these types of attacks are generally hard to avoid.
Brian Nesmith, CEO at Arctic Wolf, commented that human resources organizations sit in-line with financial organizations. He added that a lot of external parties also need to connect with human resources.
HR staff are typically not very well versed in IT, which makes these types of infections even harder to stop. Coupled with the fact that employee records and financial systems are prime ransomware targets anyway, it is easy to see why an attacker would choose to target them.
A possible solution to the problem would be to educate the HR staff by offering specialised training. Apart from that, strict network monitoring with the right kind of security tools is advisable. Those things could very well mean the difference between establishing data security and data being held hostage.