Experts Insight On Hackers Steal Data From US Nuclear Missile Contractor

Following the news that cyber criminals have stolen sensitive data from and encrypted the devices of a company which supports the US Minuteman III nuclear deterrent, cybersecurity experts provide an insight below.

Experts Comments

June 04, 2020
Tony Cole
CTO
Attivo Networks
This is yet another high-profile example of a contractor being inadvertently used by threat actors to carry out a ransomware attack. Ransomware attacks are particularly prevalent at this time because threat actors know organisations may have left themselves vulnerable in the rush to avoid business disruption during the pandemic. To deal effectively with ransomware organisations need to move from reactive, incident response to an anticipatory, threat preparedness mindset. Practical measures.....Read More
This is yet another high-profile example of a contractor being inadvertently used by threat actors to carry out a ransomware attack. Ransomware attacks are particularly prevalent at this time because threat actors know organisations may have left themselves vulnerable in the rush to avoid business disruption during the pandemic. To deal effectively with ransomware organisations need to move from reactive, incident response to an anticipatory, threat preparedness mindset. Practical measures include ensuring all data is backed up with copies kept offline. Other steps include maintaining a secure infrastructure in line with NIST, ISO, or NCSC standards. Additionally, put in place a mechanism to cover lateral movement and ransomware detection and mitigation. Create, exercise, and update your incident response place at least yearly. Keep your systems are updated and have the latest patches.  Read Less
June 04, 2020
Matt Lock
Technical Director
Varonis
Cybercrime has matured. Executives and boards must understand that cybercrime is no longer relegated to the realm of amateurs hoping to strike it rich with an untargeted ransomware attack. Organized cybercriminals are big-game hunting, and they are gunning for companies to take down. Companies are reaching a turning point where they understand that it’s inevitable they will succumb to a cyberattack. It’s one reason why the principle of zero trust is gaining ground: You can’t trust users.....Read More
Cybercrime has matured. Executives and boards must understand that cybercrime is no longer relegated to the realm of amateurs hoping to strike it rich with an untargeted ransomware attack. Organized cybercriminals are big-game hunting, and they are gunning for companies to take down. Companies are reaching a turning point where they understand that it’s inevitable they will succumb to a cyberattack. It’s one reason why the principle of zero trust is gaining ground: You can’t trust users because any user could be compromised at any time. Sure, it’s important to train users about phishing, perform backups and patch systems. But what’s really scary is the idea that criminal groups will steal important data before they encrypt it and hold it for ransom. Talk about adding insult to injury: a company could pay the ransom, only to have their files leaked.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.