Companies do not exist on their own. Even if a company is not a subsidiary, it is probably part of a supply chain. This breach highlights how interdependent these security systems are. One company failing to practice good security can have far-reaching effects. Luckily, basic cyber hygiene like keeping software up to date and having secure passwords can go a long way in preventing the majority of breaches. Even the smallest companies can thoroughly protect themselves by following government guidelines like those set out in the Cyber Essentials scheme.
This is another case where the infection of these networks could have been prevented by educating employees and executives on how to avoid ransomware infections. I cannot stress enough that educating employees about the dangers of clicking links in browser popups, emails, and text messages is worth it, no matter the cost. The possible costs of network downtime, loss of income, and the cost of recovery easily outweigh the costs of employee education.
With well-established criminal groups like Evil Corp, there is no lack of innovation when it comes to deploying the malware. In this case, the gang used a fake software update alert which popped up on users' screens when browsing to particular websites. This demonstrates why a layered approach to security is essential so that if one area is bypassed, the next layer can stop it. Prevention controls can prevent the malicious code being deployed to sites, and if that is bypassed, threat detection can quickly identify and respond to the malware. Another crucial part of the equation is the human element. With regular and relevant security awareness and training delivered to employees, they would be less likely to fall victim to drive-by downloads or other social engineering attacks.
Ransomware brings organizations to a stop, causing havoc and shutting down business function in the worst instances. Organizations can proactively defend against ransomware by having crisis management in place that practices scenarios involving ransomware. Key learnings come from crisis management tabletop exercises, including business continuity gaps. That this particular ransomware uses an auction system will only make it profitable, and therefore more popular. The best detection is to ensure all end users are aware of the process to report to the cybersecurity team; a quick response reduces business impacts and consequences. Finally, the best prevention for ransomware is "IDENTITY": knowing who (end users) and what (devices) is trying to access your technology environment, in this case the US newspaper technology environment. Companies that leverage cloud-based storage and automatic syncing from endpoint devices will be well-placed to recover from such attacks, but should practice the recovery procedure to minimize downtime if an attack does occur.