The latest rash of cyber attacks has both IT experts and C-level executives wanting to, well, cry. Malware, such as WannaCry and Petya/NotPetya, has been taking enterprises hostage across the globe, encrypting files and holding them ransom in exchange for money. The result? Network outages, debilitated health care institutions, delayed invoicing and shipments, and millions of dollars in lost revenue.
Here’s all you need to know about recent cyber attacks:
- Some Are Total Wipe Outs. New reports indicate that the NotPetya virus may be wiper malware. The virus’ randomized installation ID data means that victims cannot decrypt their files, and indicates that NotPetya was likely designed to cause permanent damage to computer hard drives resulting in total data loss.
- Microsoft Is Taking Unprecedented Action. The cyber attack threat has become so significant that Microsoft released a patch for unsupported versions of Windows, including Windows XP which Microsoft stopped supporting in 2014.
- The Financial Impact is Huge. Snack giant Mondelez had to trim its second quarter revenue growth expectations by 3% and consumer goods company Reckitt Benckiser lost an estimated £100M in revenue due to disrupted operations caused by the Petya virus. It’s estimated that the next big attack could cost cyber insurance companies $2.5B dollars.
- It’s Sneaking in the Back Door. Recent malware attacks are infiltrating businesses through corporate partners, such as accountants and consultants. The Petya virus originated through a targeted attack on accounting software firm M.E.Doc, when a software patch update was infected. The virus spread rapidly once the update was shared with all of M.E.Doc’s partners. While the full effects of the virus are not known just yet, M.E.Doc is used by 80% of Ukrainian companies and deployed on roughly 1 million computers.
- It’s Giving People the Blues. Both WannaCry and Petya exploit a previously undisclosed NSA vulnerability dubbed “EternalBlue”, which enables the malware to be transported across Windows systems. “EternalBlue” leverages the Windows Server Message Block (SMB) file sharing protocol and was leaked by the Shadow Brokers hackers in April 2017.
Cyber crime experts believe that the next big cyber attack is right around the corner, and could lead to even greater damage, so it’s essential for IT organizations to prepare for this threat. The Shadow Brokers leak revealed a number of zero-day vulnerabilities and it’s unclear if additional vulnerabilities will be disclosed soon. At a minimum, organizations should prepare for cyber crime by ensuring that they have a solid patch deployment process, are effectively managing access control and are hardening technology systems to reduce attack surfaces.