CISO's Tower

Ransomware attacks levels up, again!

Share this post:

Remember WannaCry? When a group of unknown threat actors carried out one of the largest ransomware attacks of its kind, hundreds of thousands of computers in 150 countries got infected. Wannacry hit the news barely a month ago!

Fast forward 1 month…Yesterday, newsmedia around the world reported on a similar attack with ransomware called Petya. This more sophisticated ransomware affected a number of Dutch and Belgian companies.  Companies like Maersk and APM terminals with terminals throughout the Netherlands and Belgium had to revert to manual loading and unloading, and some banks as well reported having ransomware troubles. And also elsewhere across Europe companies were faced with similar issues.

 

Ransomware generally revokes access to a victim’s endpoint or encrypts data on that endpoint before prompting the victim to pay a ransom to regain control. That’s the basic idea, but the devil is in the details. By various estimates, up to 83 percent of ransomware attacks originate when an employee clicks on a malicious link, opens an infected attachment or visits a compromised website. Employees are the first line of defence, so investing in ongoing awareness training about protecting against phishing and malware should be a priority. And that we need to drive this more is clear, it is apparently still very effective when you look at the results.

But even heightened user awareness has its limits. Keep in mind that the vast majority of exploits occur against known vulnerabilities of unpatched endpoints, which means they are preventable. Organizations need to be able to manage all endpoints — smartphones, tablets, laptops, desktops, ruggedized devices, wearables and the Internet of Things (IoT) — from a single platform, making it easy to keep all systems current with OS and third-party software updates.

It sounds simple: Apply basic endpoint hygiene to keep your data safe. Yet we see continuous disruptions by cyberattacks and ransomware threats. Many organizations are simply unwilling or unable to take the necessary ‘basic’ steps to significantly improve their security posture.
Earlier this year, IBM made history by announcing the industry’s first and only cognitive approach to Unified Endpoint Management, through IBM MaaS360 with Watson. MaaS360 customers who manage their laptops and desktops alongside their smartphones and tablets were well-equipped to quickly understand the WannaCry attack and take remediation actions.

View our online webinar on a cognitive approach to Unified Endpoint Management.

The risk of ransomware is rising exponentially and is here to stay. Several blogs and websites such as our own ransomware site offer valuable lessons in preparing and understanding what actions to take to lower the risk before and during the attack.

You might also want to consult the IBM Ransomware Response Guide or view our ransomware webinar series on how to orchestrate your security defences to avoid ransomware.

Finally, if you have been affected, and require urgent and immediate assistance, reach out to outside expertise and call the IBM X-Force Incident Response Hotline, outside the US: (001) 312-212-8034 (USA: 1-888-241-9812).

Global Executive Security Advisor, IBM Security X-Force Command

More CISO's Tower stories

Een nieuwe telg in de mainframe wereld

Kenners weten het Althans een groot vermoeden leefde bij hen. Zo eens in de twee jaar gebeurt het. Een nieuwe telg in de mainframe wereld! En deze week, 12 september, is hij door IBM aangekondigd, het nieuwe systeem. Volledig in lijn met de verwachtingen kreeg het de naam: IBM Z15 de IBM Z15 Het nummer […]

Continue reading

Hoe Rotterdam de slimste haven ter wereld wordt

Hoe Rotterdam dankzij digitale meerpalen, 3D-geprinte scheepsonderdelen en water- en weerdata de slimste haven ter wereld wordt. IBM Internet of Things stoomt de grootste Europese haven klaar voor autonoom afmerende schepen. De haven van Rotterdam, naar overslagvolume gemeten de grootste haven van Europa, wil de slimste haven ter wereld worden. In het kader daarvan zijn […]

Continue reading

A New Era of Data Protection

A new IBM Z14 Mainframe has been announced. You can say, what has this to do with Cyber security. Well it has a lot to do with Cyber Security. When you listen, and look around you in the news we see that there are a lot of data breaches. To put this in a bit […]

Continue reading