Generic

Ransomware attacks levels up, again!

Share this post:

Remember WannaCry? When a group of unknown threat actors carried out one of the largest ransomware attacks of its kind, hundreds of thousands of computers in 150 countries got infected. Wannacry hit the news barely a month ago!

Fast forward 1 month…Yesterday, newsmedia around the world reported on a similar attack with ransomware called Petya. This more sophisticated ransomware affected a number of Dutch and Belgian companies.  Companies like Maersk and APM terminals with terminals throughout the Netherlands and Belgium had to revert to manual loading and unloading, and some banks as well reported having ransomware troubles. And also elsewhere across Europe companies were faced with similar issues.

 

Ransomware generally revokes access to a victim’s endpoint or encrypts data on that endpoint before prompting the victim to pay a ransom to regain control. That’s the basic idea, but the devil is in the details. By various estimates, up to 83 percent of ransomware attacks originate when an employee clicks on a malicious link, opens an infected attachment or visits a compromised website. Employees are the first line of defence, so investing in ongoing awareness training about protecting against phishing and malware should be a priority. And that we need to drive this more is clear, it is apparently still very effective when you look at the results.

But even heightened user awareness has its limits. Keep in mind that the vast majority of exploits occur against known vulnerabilities of unpatched endpoints, which means they are preventable. Organizations need to be able to manage all endpoints — smartphones, tablets, laptops, desktops, ruggedized devices, wearables and the Internet of Things (IoT) — from a single platform, making it easy to keep all systems current with OS and third-party software updates.

It sounds simple: Apply basic endpoint hygiene to keep your data safe. Yet we see continuous disruptions by cyberattacks and ransomware threats. Many organizations are simply unwilling or unable to take the necessary ‘basic’ steps to significantly improve their security posture.
Earlier this year, IBM made history by announcing the industry’s first and only cognitive approach to Unified Endpoint Management, through IBM MaaS360 with Watson. MaaS360 customers who manage their laptops and desktops alongside their smartphones and tablets were well-equipped to quickly understand the WannaCry attack and take remediation actions.

View our online webinar on a cognitive approach to Unified Endpoint Management.

The risk of ransomware is rising exponentially and is here to stay. Several blogs and websites such as our own ransomware site offer valuable lessons in preparing and understanding what actions to take to lower the risk before and during the attack.

You might also want to consult the IBM Ransomware Response Guide or view our ransomware webinar series on how to orchestrate your security defences to avoid ransomware.

Finally, if you have been affected, and require urgent and immediate assistance, reach out to outside expertise and call the IBM X-Force Incident Response Hotline, outside the US: (001) 312-212-8034 (USA: 1-888-241-9812).

Global Executive Security Advisor, IBM Security X-Force Command

More stories

Is regulation enabling or hindering innovation in the financial services industry?

Anne Leslie, Cloud Risk & Controls Leader Europe, IBM Cloud for Financial Services Europe’s financial services sector is in the throes of wide scale digital transformation – a transition being accelerated by the growing adoption of digital solutions and services to help keep up with the demands of digitally savvy consumers. While there can be […]

Continue reading

The Digital Operational Resilience Act for Financial Services: Harmonised rules, broader scope of application

The Digital Operational Resilience Act – what and why As part of the European Commission’s Digital Finance Package, the new Digital Operational Resilience Act, or in short DORA, will come into force in the coming period. The aim of DORA is to establish uniform requirements across the EU that improve the cybersecurity and operational resilience […]

Continue reading

Banking on empathy

Suppose you’re owning a small boutique wine shop and have gone through two difficult years because of the Covid-19 pandemic. As the pandemic seems to be on its way back, it is time to revitalize the shop. And this causes direct a huge challenge: the wine stock needs to be replenished but you have used […]

Continue reading