Pitney Bowes has been attacked by Maze ransomware for the second time in 7 months. The Maze gang has been very active this year, being behind a large number of high-profile ransomware infections, such as Chubb, Cognizant, Bouygues Construction, Southwire, the city of Pensacola, and more.
During this unprecedented time, organizations are rushing to get remote employees access to corporate resources. A by-product of this urgency has been using unpatched and older versions of software like VPNs that, instead of making work from home more secure, in actuality introduce more vulnerabilities.
Cybercriminals are also working harder than ever, and now you’ve got a recipe for disaster. This ransomware attack shouldn’t be that much of a surprise, as we’re seeing increased levels of attacks across all industries. It’s a good reminder that we need to keep on top of our applications’ software patches and updates, as well as making sure we’ve got the appropriate security software installed and updated on our systems.
With the pandemic still keeping global workforces out of the office, C suites are starting to realize that they need to patch their people against ransomware attacks. But the hackers are always ahead of the game. Ransomware attacks are carefully planned and meticulously executed, starting with research to identify target organizations and their employees through Linkedin, Facebook, Twitter and online news searches. Spoof emails are highly effective under normal circumstances but in these difficult circumstances they are even more dangerous. Ransomware attacks may be launched weeks and months before they are executed, and it is very difficult to ensure that the hackers have been eradicated. Just like the corona virus, they can lie dormant and re-emerge.