Global Cyber-Attacks: Ransomware Strikes Again

Global cyber-attacks are back with a vengeance, with recent events demonstrating that business and governmental security is not on par with rapidly evolving cyber criminals. On a mass scale, we are seeing stories of business leaders learning the hard way.

Rather than preventing the malicious infiltrations from happening in the first place, businesses from all over the world are feeling the wrath of new cyber-attacks, costing them substantial amounts financially and their reputation.

Parliament Cyber-Attack

On 23rd June 2017, UK Parliament was hit with a cyber-attack. The attack attempted to compromise all 9000 Westminster accounts with the hopes of unveiling weak passwords, but only 90 were affected, which still led to fears of blackmail from the hackers. Working closely with the National Cyber Security Centre, measures were put in place immediately to immunise Parliamentary accounts from further attacks, preventing the hackers from inflicting further damage and fulfilling their planned, malevolent actions. One of these actions was to remove remote access to parliamentary email accounts as a safeguard, meaning MPs and staff could only access their accounts within Westminster.

Though the government has strong resources to help fight an attack, it draws up the same question we ask every time; why wasn’t there a solution in place to stop it from happening and escalating to a point where national security was highly involved? It seems like many businesses believe that the price of advanced cyber security outweighs the negative repercussions.

Global ‘GoldenEye’ Ransomware Attack

Only a few days later, on 27th June 2017, there were several European countries affected by a cyber-attack dubbed ‘GoldenEye’, mainly in eastern Europe. A Russian energy firm, Ukraine’s national bank and largest airport, British advertising agency WPP and many others were hit with a strain of Ransomware believed to have evolved from Petya, a version prevalent in 2016. What’s particularly worrying is that it exploited the same vulnerability that saw the NHS, Telefonica and thousands of businesses worldwide hit. Further attacks have now been announced in Germany, France, Denmark and the USA.

Rozenko Pavlo, the Deputy Prime Minister of Ukraine, said he and other members of the Ukrainian government were unable to access their computers. “We also have a network ‘down’” he wrote. “This image is being displayed by all computers of the government.”

“It was updated earlier in 2017 by the criminals when certain aspects were defeated. The Ransomware was called Petya and the updated version Petrwrap.”

The Petya strain of Ransomware disables peoples’ access to their computer files through encryption unless a ransom is paid – a standard format for a Ransomware attack. However, Petya goes a step further by overwriting a computer’s Master Boot Record (MBR) – you can read more about this in our blog from last year, which detailed Petya and other prevalent Ransomware strains. This attack as well as the WannaCry attack could have been prevented with the use of Sophos Intercept X.

Thankfully a number of TSG customers were protected with Sophos Intercept X and were therefore protected and subsequently unfazed by both of these cyber-attacks. Even if the Ransomware strain attempted to attack their systems, nobody would be the wiser as Intercept X stops any spread or initial attack from taking place. However, those that do not have Intercept X implemented within their business are still very much at risk of being attacked. Get in touch with us today to find out how you can protect your business.

It’s clear from the widespread nature of attacks on businesses around the world that we can no longer continue with the notion of ‘it’ll never happen to me’, or justifying any procrastination when it comes to IT security in a business. We see daily attacks on small, medium, large and giant companies.

The take-away message is the understanding that hackers do not discriminate on business size. If there is money to be made from these malicious attacks, then they will target any business to fulfil their needs.

Please note: Patching your systems with critical Windows updates is a crucial element of protecting your organisation against cyber-attacks such as Ransomware. It’s well worth checking for updates right now (search ‘Windows Updates’ in your Windows search bar) and if there are any waiting, install them now. Microsoft has made it clear that if businesses had installed its MS17-010 security patch, they could have avoided the attack.

It’s time to be sensible and protect your business.

Image source: Symantec