According to reports, ICC World, a major facilities company which provides cleaning, catering, security and other services globally has recently suffered from a ransomware attack. It’s said that many of its employees have been unable to access emails while the company’s website has also been down since 17th February.
More details of this story is available here: https://www.bbc.co.uk/news/technology-51572575
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
It’s no surprise that cyber criminals are targeting large-scale organisations which operate in multiple areas with ransomware. As the profits of cybercrime continue to grow, increasingly greedy hackers see businesses with a substantial workforce and revenues as a golden opportunity for significant financial gain.
Tackling this issue requires businesses to remain vigilant, investing in the necessary cyber security solutions to prevent phishing and ransomware attacks that can paralyse an entire organisation within minutes. It’s also vital that employees are properly trained to spot unsolicited or suspicious emails, which all too often are designed to trick workers into handing over confidential information or clicking on hostile links.
Ransomware demonstrates the importance of having plans in place should your organisation experience a cyber incident. The best way to help prevent a ransomware disaster is to set up a simulation attack. A real time simulation is the perfect way of ironing out all the disaster points which may be overlooked in a normal documented policy; all relevant units need to be involved and it should usually last a day.
Ransomware attacks are likely on the up, but unless organisations have to report them to the ICO without data leakage, it is likely that they are going under the radar.
In the case of the ISS World ransomware attack, and all ransomware attacks for that matter, corporations can either become a hero or a villain. In the adrenaline rush of “crisis mode,” I hope the executives and security staff of ISS World choose to be heroes by protecting employees, being transparent and erring on the side of doing the right thing. We all hope for minimum damage, rapid recovery and strengthening of ISS World in the wake of this and of peers from their experience when the dust clears. In any cyber attack, transparency and clarity is what matters and like so many others we\’ll wait to hear more in the coming days. Recently, Travelex suffered a significant breach and leadership was widely criticized for a slow response. That criticism was coming from pundits without specific knowledge of the incident. Let’s not “bayonet the wounded\” because being a target and a victim is happening more and more frequently. Organizations today need to take a much more proactive approach to cyber hygiene by actively hunting for anomalies in their networks. Preventing, detecting and responding to incidents has to highest on the list of steps being taken to minimize and reduce high impact breaches.
Over the last couple of months, we’ve seen numerous ransomware attacks carried out against large companies. The reason being that the potential monetary gains far outweigh the consequences, if successful. What is apparent is that no organisation or sector can think to themselves safe from the firing lines. Businesses must wake-up to this pressing threat as failing to be prepared can quickly result in not only financial losses but also disastrous reputational damage from public confidence decreasing when these types of attacks occur. Implementing strong resilience measures should be the priority for all organisations, regardless of the industry they operate in, as this will ensure that businesses can continue as normal should the worst happen. Making sure that you have contingency plans is best advised, to mitigate any potential losses.
In terms of best practices, I would advise that businesses have non-networked backups and a fallback email and archiving process in place, which can significantly reduce the potential losses of a ransomware threat. Additionally, security needs to be commonly adopted as an organisational responsibility and not just for individuals. We all play a part in maintaining an effective security posture, protecting ourselves and organisations from that intent on causing damage and disruption. Leadership teams must take responsibility for training all staff and educating them on the threats that persist, and how they can defend against them.