Ransomware attacks are rapidly affecting businesses, compromising major data and important information.
When the latest ransomware attack Petya, now being called ExPetr, spread to major enterprises, it became clear that leading industries will have to make major improvements in order to protect themselves to keep data secured.
These improvements go beyond patching up systems, it means taking security seriously and understanding how these attacks are conducted.
This starts with understanding how these attacks are conducted.
Verizon Data Breach Investigations Report (DBIR) uncovered the tactics that are used during cybercrime.
“For the tenth time, the Verizon Data Breach Investigations Report (DBIR) delves into the murky world of cyber security. It brings together the collective experience of 65 organizations to give you the full picture on cybercrime.” according to the DBIR report.
In the DBIR Report, Verizon outlined the most commonly carried out tactics during cyber attacks.
- 81% hacking-related breaches leveraged from stolen/weak passwords
- 62% of crime features hacking
- 51% of breaches included malware
- 43% of cyber crime were social attacks
- 8% were carried out through physical activity
- 14% of attacks failed due to company’s protection
The most recent attack is being labeled as, ExPetr, a modification of the well-known Petya cyber attack, that is put under the malware tactic.
ExPetr is a cyber attack that disguises itself as ransomware, but instead, is interested in wiping out software.
“It exploits several known vulnerabilities, spreads via a protocol that shouldn’t be exposed to the Internet, and abuses an existing operating system utility” according to CSOonline.
Understanding these statistics and where the latest attack falls under are beneficial tools for companies who want to understand which attacks are the most threatening to them, and how common they occur.
The DBIR continues on to explain who exactly is targeted in these attacks.
“Whether it’s design plans, medical records or good, old-fashioned payment card details—someone, somewhere will see it as their meal ticket. Most cyber criminals are not fussy about who they steal from.”
The latest ransomware attack, ExPetr, targetted major industrial companies all over the world as victims.
Targeting industrial companies is exceptionally dangerous, according to Kaspersky Lab.
“The malicious actors that are utilizing ransomware attack vectors are switching their focus to companies and organizations rather than home users, and industrial companies are no exception.”
According to Kaspersky Lab, more than 50 percent of victims fell into the industries of manufacturing oil and gas.
Attacking industrial organizations, as opposed to home users, can develop a major threat to businesses, that impacts the technological processes as well as the internal structure.
Handling the Cyber Attacks
When these ransomware cyber attacks happen, business leaders and employees immediately jump into action in order to protect themselves and especially their secured data.
But sometimes, it’s too late.
In a recent DigitalDiary post, we gave tips to CISO’s on how to prevent a malware attack.
Now, we are here to offer advice about what to do immediately to protect your company as a ransomware attack like Expetr occurs.
- Patch vulnerable systems
In the IT world, this means to use the piece of software that is designed to update a computer program and to ultimately fix and improve it. This could mean anything from bugs or to improve performance in the device.
- Don’t pay the ransom
Ransome attacks ask for money in order for the attacker to return the system back to normal. Law enforcement agencies strongly advise organizations not to pay the sum of money, even though the situation can be extremely hard to gauge considering the companies reputation is at risk.
- Restore from backups
Backups are duplicates of files or data in a computer system. This is used when the primary system data is corrupted, lost or deleted.
Using backups during a cyber attack is exceptionally important because it has the ability to retrieve the important data that was compromised from the attack.
ABOUT DIGITAL ENTERPRISE TRANSFORMATION ASSEMBLY
The Millennium Alliance is thrilled to present the second 2017 edition of Digital Enterprise Transformation Assembly, put together by the industry, for the industry. Join us November 16-17, for a series of executive education roundtables, keynote presentations, collaborative think tanks, educational workshops, and networking sessions will offer industry-specific topics and trends to ensure your company sustains its competitive advantage.
Join us November 16-17, for a series of executive education roundtables, keynote presentations, collaborative think tanks, educational workshops, and networking sessions will offer industry-specific topics and trends to ensure your company sustains its competitive advantage.
After the latest ransomware attack, it is clear that major businesses are continuing to have important data and information accessible to hackers, jeopardizing the security of their businesses. Because these attacks are becoming more frequent, the role of IT leaders is becoming even more necessary in the business structure
Understanding how mobile, social and cloud are all digitally evolving tools that are crucial for organizations to use in order to protect themselves from attack is an important obligation that CISOs must take on. By understanding how digital transformation within businesses
As we move closer to 2018, prominent digital technology and business leaders from all the major private and public sectors are looking to CIOs to manage the explosion of information that has ignited digital enterprise.
This is not just another “Digital IT” event. Spaces are reserved for the best in the business. Apply for Millennium Membership today
Our agendas and attendee lists are for Millennium Members only. Apply today for access! Already a Millennium Member? Simply click the link and enter your password when requested.