If you recall back in June, the world suffered a major cyberattack using NotPetya ransomware, which is a version of Petya. Petya utilizes a payload that infects the computer's master boot record (MBR), overwriting the Windows bootloader, and then triggering a restart. On the next startup, the payload is executed, which encrypts the Master File Table of the NTFS file system, and then displays the ransom message demanding a payment made in Bitcoin.
An Unprecedented Financial Hit
The company has estimated that it will suffer a loss of between $200 and $300 million U.S. dollars. They’re blaming that loss on the ransomware attack because the company had to temporarily shut its computer systems down to minimize the cyberattack. Although the company is in many other industries, such as the energy sector, they are claiming that their container line of business was the only one impacted.
While many other companies globally were impacted by the NotPetya ransomware attack, it appears now that Maersk took the biggest financial hit. The radiation monitoring system at Ukraine’s Chernobyl Nuclear Power Plant also went offline during the June 2017 cyberattack.
Ransomware is the New Normal
Ransomware attacks have become the new daily norm. The traditional ways of fighting them can no longer be relied upon to detect and block ransomware attacks. Cybercriminals have developed new techniques to disguise their malware by encrypting or modifying it as a method of disguise so they will not match most vendors’ virus signatures database. This leaves organizations’ computer systems and data at serious risk.
Learning from NotPetya and its Damage to Maersk
If ransomware circumvents an AV vendor’s product, it can silently encrypt files and directories until it completes its task. Ransomware can potentially infect all shares to which a user has access, including cloud storage locations.
As opposed to trying to detect and mitigate the ransomware attack on the user end-point machine, Safe-T’s Software Defined SDA enables organizations to deploy a centralized solution to block ransomware attacks when they try to encrypt the organization’s NTFS data stores. This solution allows mitigating any type of known or unknown ransomware attacks, whether they exist within the organization or will hit in the future.
By deploying SDE, organizations gain the benefits of a controlled, secure, and agile data exchange solution which provides users managed access to the organization’s data. At the same time, SDE prevents cryptolockers and other ransomware attacks from hitting the organization’s NTFS.
Companies worldwide are being caught off guard by ransomware attacks and are therefore losing hundreds of millions of dollars, in addition to having potential reputational and brand impact. However, the solution can be quite simple. Contact us today for a quick product demonstration of our ransomware solution and begin protecting your data tomorrow with a cutting edge solution.