US toymaker Mattel revealed today that it suffered a ransomware attack that crippled some business functions, but the company says it recovered from the attack with no significant financial losses.
US toymaker Mattel revealed today that it suffered a ransomware attack that crippled some business functions, but the company says it recovered from the attack with no significant financial losses.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
It is refreshing to see an organisation recover from a cyberattack without major losses. Mattel\’s response to an initially successful breach managed to limit the attack and helped them regain control over their systems. Such a success story is not at all common. Usually, there is a substantial loss in business downtime and the financial costs associated with this. We hear about data that is stolen and leaked or used to blackmail organisations into paying millions in ransom, followed by potential fines from non-adherence to regulations. Yet, that was not the case in this instance. I hope that Mattel will share how they sustain the resilience of their systems, and specifically, how they stopped this particular attack from causing more damage, as others could learn from them. Sharing best practices in resilience management and response is crucial if we want to fight off attackers who often seem to be one step ahead of us
We see nearly endless headlines about ransomware, but underlying each of these incidents is a set of conditions that allowed that ransomware to take hold. Ransomware traverses networks using a variety of techniques, including taking specific actions to avoid detection. Asking for ransom is literally the last thing the ransomware does.
Mattel\’s response to the compromise, and the fact that they were able to stop attackers on their tracks, should be taken as an example of how the correct security measures can really make the difference. Organizations that want to avoid becoming a ransomware headline need to focus their defense on prevention first and respond second. Detecting the activity and changes that occur in your network is an important part of preventing ransomware from taking hold.