Expert Advise: SmarterASP.NET Infected By Ransomware

By   ISBuzz Team
Writer , Information Security Buzz | Nov 11, 2019 05:04 am PST

SmarterASP.NET, an ASP.NET hosting provider with more than 440,000 customers, was hit by ransomware yesterday. The company is the third major web hosting firm this year that went down because hackers breached their network and encrypted data on customer servers.

More on the story here:

Notify of
2 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Elad Shapira
Elad Shapira , Head of Research
November 12, 2019 2:20 pm

The ransomware attack on SmarterASP illustrates what can happen when third parties suffer a cyberattack. In this case, the websites of all 440,000 of SmarterASP’s customers went offline following the attack, which unquestionably resulted in loss of operations to those customers. Ransomware attacks such as this one demonstrate why it’s not enough for organizations to assess their own systems; they must also assess the risk posed by connecting with third parties.

Last edited 4 years ago by Elad Shapira
Ilia Kolochenko
Ilia Kolochenko , Founder and CEO
November 11, 2019 1:04 pm

Ransomware is a mature, well-organized and extremely profitable business today. Its threat actors are divided into different and disciplined groups, each with a particular area of technical expertise. Some are searching for susceptible victims with vulnerable infrastructure, others are launching the attack, while programming teams are continuously perfecting the malware. Payments in Bitcoin and other cryptocurrencies make these gangs virtually immune from prosecution by law enforcement agencies and allow them to operate in factual impunity. We will likely see growing sophistication of these attacks, eventually triggering a soar of paid ransom in absence of better choice to get data back.

Growing complexity of IT infrastructure and clouded visibility of digital assets make effective cyber-defense virtually impossible today, providing attackers with a multitude of entry points from the Internet via abandoned web applications, forgotten test systems, unprotected cloud storage or just business-critical systems with weak passwords. These are perfect starting points to launch ransomware attacks.

Last edited 4 years ago by Ilia Kolochenko

Recent Posts

Would love your thoughts, please comment.x