ISS World faces cyber-attack; employees worldwide left offline
Thursday, February 20, 2020
The security team at Dutch telecommunications player KPN recently managed to intercept the communications between REvil-infected computers and the REvil ransomware's command-and-control (C&C) servers. The operators of REvil (Sodinokibi) ransomware run a ransomware-as-a-service (RaaS) campaign, where they rent the malware strain to other criminal groups.
“Ransomware attacks are becoming more sophisticated, organised and thus incredibly dangerous in terms of financial losses. Usage of cryptocurrencies make criminals virtually untraceable, spurring a rapid proliferation of ransomware ecosystem,” noted Ekaterina Khrustaleva, COO of web security company ImmuniWeb.
The best defence against ransomware is a robust business continuity plan, which includes regular backups, version control and thorough testing of disaster recovery procedures, noted Stuart Sharp, VP of solution engineering at OneLogin.
“Companies that leverage cloud-based storage and automatic syncing from end point devices will be well-placed to recover from such attacks, but they should practice the recovery procedure to minimise downtime if an attack does occur.”
“Holistic visibility and inventory of digital assets is a wise starting point, as you cannot protect what you cannot see. Human factor is also pivotal, capable of undermining the integrity of technical efforts, so organisations need to consider investing into continuous cyber-security training," suggested Khrustaleva. Read Full Article
SC Media: Pay up, or forget your Google ads revenue!
SC Media: Netanyahu’s Likud Party election app leaked personal info on Israel’s 6.4M voters