Doing Business in a Cyber War Zone
Ransomware attacks targeting businesses and other organizations have grown all too familiar in recent years. Businesses of all sizes across the globe find themselves in the middle of a cyber war zone, with state actors suspected of unleashing ransomware attacks and NATO taking measures to protect their members. The disastrous WannaCry and Petya attacks have take cyber threat to a new level, greatly increasing the danger to your business.
The Stakes Keep Rising
In the past, ransomware attacks typically targeted a specific business. That changed in May 2017, when the WannaCry attack spread using worm-like behavior. Fortunately, a kill switch was found that limited the initial damage caused by WannaCry, although a version without the kill switch was quickly unleashed. Even so, some estimates predict financial losses related to the attack could reach $4 billion dollars.
In June, a new and even more dangerous ransomware began attacking systems worldwide. Major businesses including Maersk and the US pharmaceutical company Merck were hit. The Chernobyl nuclear plant was forced to switch its radiation monitoring system to manual control. A variation of Petya, the new attack upped the ante over WannaCry by altering the Master Boot Record, potentially disabling the entire file system rather than just threatening the victim’s data files. In addition, the attack reboots the system on an hourly basis, adding a DDoS (distributed denial of service) element.
Potential losses from the attack are staggering, with estimates suggesting that Petya could be 10 times costlier than WannaCry.
Cybersecurity Can’t Take a Back Seat
Even more troubling, Petya exploits the same EternalBlue vulnerability as WannaCry, with cyber-criminals banking of the assumption that patches had still not been applied. Unfortunately, they were correct. With the ransomware threat growing ever more dangerous, businesses must make developing a robust cybersecurity infrastructure a top priority.
Training employees on good cyber hygiene and enforcing security policies is still important, but we know it’s far from enough given recent attacks. Network protection in today’s growing threat landscape means building an effective, adaptive, next-generation cybersecurity infrastructure capable of taking on current and future ransomware attacks.
Focus on three key building blocks to strengthen your defenses.
- Advanced threat detection: Today’s threats cleverly mask their malicious activities, rendering signature based threat detection less effective. Behavior-based threat detection using sandboxing and other techniques must be used to counter these threats.
- Proactive mitigation: You lose the game if you wait until after you have been compromised to react. Known and unknown threats must be automatically detected and reported so that corrective action can be taken immediately -- before the damage is done.
- Collaborative security infrastructure: Today’s networks are increasingly complex and borderless. With the move to cloud technologies, IoT (Internet of Things) and BYOD (Bring Your Own Device), security infrastructures need to be scalable, flexible and collaborative. For IT and security groups to keep pace with the challenge, solutions will also need to be automated, fully integrated and have visibility across the entire network, up to the cloud.
A security infrastructure based on these building blocks allows your business to detect and respond to threats in real time, before they start eroding your bottom line. As a Fortinet Platinum Partner, Resilient, can deliver industry-leading cyber security solutions that leverage the Fortinet “Security Fabric.” This security infrastructure covers the entire attack field and provides advanced behavior-based protection from Petya and future dangers. Contact us to Learn more.