In response to the news from Law Sites that disclosed legal services giant Epiq Global has gone offline after a ransomware attack affected all of its office locations, a cybersecurity expert offers perspective.
https://twitter.com/CrossKeycybers1/status/1234882042921472001
This is an example of how ransomware can impact organizations in any industry. While the reports are from unofficial sources, if true, it is also an example of how important patching machines is in the defense against ransomware. Most infections such as this one are started with an employee clicking on a phishing email, then spreads through vulnerabilities in unpatched software or operating systems. In addition, segmenting networks into sections with limited access to other sections can considerably reduce the ability for malware such as this to spread quickly across the network.
Ransomware continues to grow in complexity and features as the attackers rake in money from successful attacks across the globe. With newer versions finding ways to exfiltrate data as well as encrypting the files, the ransomware threat is greater than ever before. Organizations need to take steps to protect themselves before an attack is successful, including training employees to spot and report phishing emails, making sure they have good backups that are isolated from the rest of the network and ensuring that patching is a top priority.