Ransomware attacks levels up, again!

Share this post:

Remember WannaCry? When a group of unknown threat actors carried out one of the largest ransomware attacks of its kind, hundreds of thousands of computers in 150 countries got infected. Wannacry hit the news barely a month ago!

Fast forward 1 month…Yesterday, newsmedia around the world reported on a similar attack with ransomware called Petya. This more sophisticated ransomware affected a number of Dutch and Belgian companies.  Companies like Maersk and APM terminals with terminals throughout the Netherlands and Belgium had to revert to manual loading and unloading, and some banks as well reported having ransomware troubles. And also elsewhere across Europe companies were faced with similar issues.


Ransomware generally revokes access to a victim’s endpoint or encrypts data on that endpoint before prompting the victim to pay a ransom to regain control. That’s the basic idea, but the devil is in the details. By various estimates, up to 83 percent of ransomware attacks originate when an employee clicks on a malicious link, opens an infected attachment or visits a compromised website. Employees are the first line of defence, so investing in ongoing awareness training about protecting against phishing and malware should be a priority. And that we need to drive this more is clear, it is apparently still very effective when you look at the results.

But even heightened user awareness has its limits. Keep in mind that the vast majority of exploits occur against known vulnerabilities of unpatched endpoints, which means they are preventable. Organizations need to be able to manage all endpoints — smartphones, tablets, laptops, desktops, ruggedized devices, wearables and the Internet of Things (IoT) — from a single platform, making it easy to keep all systems current with OS and third-party software updates.

It sounds simple: Apply basic endpoint hygiene to keep your data safe. Yet we see continuous disruptions by cyberattacks and ransomware threats. Many organizations are simply unwilling or unable to take the necessary ‘basic’ steps to significantly improve their security posture.
Earlier this year, IBM made history by announcing the industry’s first and only cognitive approach to Unified Endpoint Management, through IBM MaaS360 with Watson. MaaS360 customers who manage their laptops and desktops alongside their smartphones and tablets were well-equipped to quickly understand the WannaCry attack and take remediation actions.

View our online webinar on a cognitive approach to Unified Endpoint Management.

The risk of ransomware is rising exponentially and is here to stay. Several blogs and websites such as our own ransomware site offer valuable lessons in preparing and understanding what actions to take to lower the risk before and during the attack.

You might also want to consult the IBM Ransomware Response Guide or view our ransomware webinar series on how to orchestrate your security defences to avoid ransomware.

Finally, if you have been affected, and require urgent and immediate assistance, reach out to outside expertise and call the IBM X-Force Incident Response Hotline, outside the US: (001) 312-212-8034 (USA: 1-888-241-9812).

Global Executive Security Advisor, IBM Security X-Force Command

More stories

Aegon besteedt administratie van levensverzekeringsportefeuille uit aan IBM

Aegon draagt de administratie van ongeveer 800.000 closed book levensverzekeringspolissen over aan IBM. Die bouwt voor de opdracht een nieuw platform in de publieke cloud en digitaliseert het hele administratieve proces. Aegon verzekert met die uitbesteding de continuïteit van een goede dienstverlening aan zijn klanten en intermediairs voor de aflopende polissen. Outsourcing van 800.000 levensverzekeringen […]

Continue reading

Modernisering van VMware-workloads in de cloud

  Iedere organisatie streeft naar een flexibel IT-landschap, dat snel kan meebewegen met nieuwe technologische, economische en zakelijke ontwikkelingen. Applicaties draaien daarbij idealiter in de best passende omgevingen – bij voorkeur in de cloud. Dit vereist een doordachte modernisering van legacy applicaties.   IBM Cloud voor VMware maakt een stapsgewijze aanpak mogelijk Voor veel organisaties […]

Continue reading

Roadmap voor applicatie-modernisering

  Modernisering van bestaande applicaties is voor de meeste organisaties van levensbelang. Alleen met een up-to-date systeemlandschap kunnen bedrijven hun gebruikerservaring verbeteren, efficiënter opereren en adequater inspelen op veranderende marktbehoeften. De cloud speelt hier een cruciale rol. In deze blog staan we stil bij de belangrijkste uitdagingen en komen we met praktische suggesties voor cloudgebaseerde […]

Continue reading